Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2225 | 1 Mozilla | 1 Firefox | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | |||||
| CVE-2004-2234 | 1 Moodle | 1 Moodle | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | |||||
| CVE-2004-2235 | 1 Moodle | 1 Moodle | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | |||||
| CVE-2004-2246 | 1 Goollery | 1 Goollery | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php. | |||||
| CVE-2004-2283 | 1 Daniel Barron | 1 Dansguardian | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache. | |||||
| CVE-2004-2280 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. | |||||
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2004-2281 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. | |||||
| CVE-2004-2282 | 1 Daniel Barron | 1 Dansguardian | 2008-09-05 | 5.0 MEDIUM | N/A |
| DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request. | |||||
| CVE-2004-2364 | 1 Phpx | 1 Phpx | 2008-09-05 | 5.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php. | |||||
| CVE-2004-2183 | 1 Wehelpbus | 1 Wehelpbus | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | |||||
| CVE-2004-2160 | 1 Xmlstarlet | 1 Command Line Xml Toolkit | 2008-09-05 | 6.4 MEDIUM | N/A |
| Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2004-2247 | 1 Goosequill | 1 Audienceconnect | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact and attack vectors. | |||||
| CVE-2004-2338 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 7.5 HIGH | N/A |
| OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. | |||||
| CVE-2004-2147 | 1 Symantec | 1 Norton Antivirus | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. | |||||
| CVE-2004-2317 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access. | |||||
| CVE-2004-2298 | 1 Novell | 2 Internet Messaging System, Netmail | 2008-09-05 | 6.4 MEDIUM | N/A |
| Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator. | |||||
| CVE-2004-2294 | 1 Francisco Burzi | 1 Php-nuke | 2008-09-05 | 4.3 MEDIUM | N/A |
| Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | |||||
| CVE-2004-2180 | 1 Wowbb | 1 Wowbb Web Forum | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php. | |||||
| CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||