Max CVSS 10.0 Min CVSS 2.1 Total Count21
IDCVSSSummaryLast (major) updatePublished
CVE-2005-0265 7.5
Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to execute arbitrary SQL commands via the (1) parent or (2) sortposted parameter.
17-10-2016 - 23:09 02-05-2005 - 00:00
CVE-2005-0264 4.3
Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) expand or (2) order parameter.
17-10-2016 - 23:09 02-05-2005 - 00:00
CVE-2004-2738 4.3
Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.
17-10-2016 - 23:07 31-12-2004 - 00:00
CVE-2004-1422 5.0
WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo, which reveals php settings.
17-10-2016 - 22:54 31-12-2004 - 00:00
CVE-2004-1421 7.5
Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the server_inc parameter to r
17-10-2016 - 22:54 31-12-2004 - 00:00
CVE-2004-1420 4.3
Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) site_title or (2) http_images parameter.
17-10-2016 - 22:54 31-12-2004 - 00:00
CVE-2004-1419 6.8
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web
17-10-2016 - 22:54 31-12-2004 - 00:00
CVE-2004-1373 7.5
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
17-10-2016 - 22:53 23-12-2004 - 00:00
CVE-2004-1125 9.3
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-2603 4.3
Cross-site scripting (XSS) vulnerability in the Search module in UberTec Help Center Live (HCL) allows remote attackers to inject arbitrary web script or HTML via the find parameter to index.php.
07-03-2011 - 21:19 31-12-2004 - 00:00
CVE-2004-1270 2.1
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1269 5.0
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1268 2.1
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1267 6.5
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1154 10.0
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of securit
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-0915 5.0
Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
10-09-2008 - 15:28 10-01-2005 - 00:00
CVE-2005-4831 4.3
viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting (XSS) and other attacks, as demonstrated using (1) "text/html", or (2)
05-09-2008 - 16:57 31-12-2005 - 00:00
CVE-2005-4830 7.6
CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the content-type parameter.
05-09-2008 - 16:57 31-12-2005 - 00:00
CVE-2004-2651 4.3
Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2602 6.8
PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) before 1.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the HCL_path parameter to pipe.php.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-1062 4.3
Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages.
05-09-2008 - 16:40 28-12-2004 - 00:00
Back to Top Mark selected
Back to Top