Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2199 | Remote vulnerability in Duware Duclassified 4.0 Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text. network duware | 4.3 |
2004-12-31 | CVE-2004-2198 | Remote vulnerability in DUware Software account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page. | 6.4 |
2004-12-31 | CVE-2004-2197 | Unspecified vulnerability in KDocker kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs. | 7.2 |
2004-12-31 | CVE-2004-2196 | Remote Security vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1 Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | 5.0 |
2004-12-31 | CVE-2004-2195 | Remote File Include vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1 PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | 5.0 |
2004-12-31 | CVE-2004-2194 | Remote Denial Of Service vulnerability in MailEnable MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. | 5.0 |
2004-12-31 | CVE-2004-2193 | Cross-Site Scripting vulnerability in Cjoverkill 4.0.3 Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters. network cjoverkill | 4.3 |
2004-12-31 | CVE-2004-2192 | Input Validation vulnerability in Turbotraffictrader PHP 1.0 SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | 7.5 |
2004-12-31 | CVE-2004-2191 | Input Validation vulnerability in Turbotraffictrader PHP 1.0 Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. network turbotraffictrader | 4.3 |
2004-12-31 | CVE-2004-2190 | Directory Traversal vulnerability in Unzoo 4.42 Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | 5.0 |