Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1841 | 1 Ms Analysis | 1 Website Traffic Analyzer | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request. | |||||
| CVE-2004-1842 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 7.5 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | |||||
| CVE-2004-1843 | 1 Expinion.net | 1 Member Management System | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp. | |||||
| CVE-2004-1844 | 1 Expinion.net | 1 Member Management System | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. | |||||
| CVE-2004-1845 | 1 Expinion.net | 1 News Manager Lite | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp. | |||||
| CVE-2004-1846 | 1 Expinion.net | 1 News Manager Lite | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp. | |||||
| CVE-2004-1847 | 1 Expinion.net | 1 News Manager Lite | 2017-07-10 | 7.5 HIGH | N/A |
| News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie. | |||||
| CVE-2004-1849 | 1 Cpanel | 1 Cpanel | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html. | |||||
| CVE-2004-1850 | 1 Fluidgames | 1 The Rage | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Rage 1.01 and earlier allows remote attackers to cause a denial of service (infinite loop) via a TCP packet with the port and IP address set to zero. | |||||
| CVE-2004-1851 | 1 Dameware Development | 1 Mini Remote Control Server | 2017-07-10 | 7.5 HIGH | N/A |
| Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing. | |||||
| CVE-2004-1852 | 1 Dameware Development | 1 Mini Remote Control Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information. | |||||
| CVE-2004-1853 | 1 Atari | 1 Terminator 3 War Of The Machines | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote attackers to cause a denial of service via a long ServerInfo variable. | |||||
| CVE-2004-1854 | 1 Picophone | 1 Internet Telephone | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet. | |||||
| CVE-2004-1855 | 1 Mythic Entertainment | 1 Dark Age Of Camelot | 2017-07-10 | 5.0 MEDIUM | N/A |
| Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack. | |||||
| CVE-2004-1856 | 1 Hp | 1 Web Jetadmin | 2017-07-10 | 5.0 MEDIUM | N/A |
| devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory. | |||||
| CVE-2004-1857 | 1 Hp | 1 Web Jetadmin | 2017-07-10 | 2.1 LOW | N/A |
| Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter. | |||||
| CVE-2004-1859 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2004-1860 | 1 Xmb Forum | 1 Xmb | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker. | |||||
| CVE-2004-1861 | 1 Netsupport | 1 Netsupport School | 2017-07-10 | 4.6 MEDIUM | N/A |
| Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords. | |||||
| CVE-2004-1866 | 1 Nstx | 1 Ip Over Dns Utility | 2017-07-10 | 5.0 MEDIUM | N/A |
| nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, which triggers a null dereference. | |||||