Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2271 | Remote Buffer Overflow vulnerability in MiniShare Server Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
| 2004-12-31 | CVE-2004-2270 | Unspecified vulnerability in IBM Parallel Environment 3.2/4.1 Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code. | 7.2 |
| 2004-12-31 | CVE-2004-2269 | Local Security vulnerability in Passive Asset Detection System Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. | 7.2 |
| 2004-12-31 | CVE-2004-2268 | Information Disclosure vulnerability in Pimentech Pimengest2 1.10.1 PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php. | 5.0 |
| 2004-12-31 | CVE-2004-2267 | Input Validation vulnerability in Ansel Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. network ansel | 4.3 |
| 2004-12-31 | CVE-2004-2266 | Input Validation vulnerability in Ansel SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2265 | Unspecified vulnerability in Uudeview 0.5.18/0.5.19 UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. | 7.2 |
| 2004-12-31 | CVE-2004-2263 | SQL Injection vulnerability in Anton Raharja PlaySMS Valid Function SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie. | 7.5 |
| 2004-12-31 | CVE-2004-2261 | Script HTML Injection vulnerability in e107 Website System Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. network e107 | 4.3 |
| 2004-12-31 | CVE-2004-2260 | Open Redirect vulnerability in Opera Browser Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. | 5.0 |