Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2214 | Improper Handling of Case Sensitivity vulnerability in Mbedthis Appweb Http Server 1.0.4 Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. | 9.8 |
| 2004-12-31 | CVE-2004-2213 | Multiple vulnerability in Mbedthis Software AppWeb HTTP Server Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | 5.0 |
| 2004-12-31 | CVE-2004-2212 | Remote Input Validation vulnerability in Alivesites Forum 2.0 SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2211 | Remote Input Validation vulnerability in Alivesites Forum 2.0 Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp, or (5) the id parameter to post.asp. network alivesites | 4.3 |
| 2004-12-31 | CVE-2004-2210 | Cross-Site Scripting vulnerability in Express-Web Content Management System Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. network express-web | 4.3 |
| 2004-12-31 | CVE-2004-2209 | Remote Input Validation vulnerability in Ideal Science IdealBB SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2208 | Remote Input Validation vulnerability in Ideal Science IdealBB CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors. | 5.0 |
| 2004-12-31 | CVE-2004-2207 | Remote Input Validation vulnerability in Ideal Science IdealBB Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network ideal-science | 4.3 |
| 2004-12-31 | CVE-2004-2206 | SQL Injection vulnerability in Natterchat 1.12 SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2205 | Unspecified vulnerability in Symantec Veritas Cluster Server Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors. | 7.2 |