Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2179 Remote Denial of Service vulnerability in Microsoft FrontPage and IE
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
network
low complexity
microsoft
5.0
2004-12-31 CVE-2004-2178 Remote Input Validation vulnerability in DevoyBB Web Forum 1.0
SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
devoybb
7.5
2004-12-31 CVE-2004-2177 Remote Input Validation vulnerability in DevoyBB Web Forum 1.0
Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
network
devoybb
4.3
2004-12-31 CVE-2004-2176 Unspecified vulnerability in Microsoft Windows XP
The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.
local
low complexity
microsoft
4.6
2004-12-31 CVE-2004-2175 SQL Injection vulnerability in All Enthusiast ReviewPost PHP PRO 2.5/2.5.1
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php.
network
low complexity
all-enthusiast-inc
7.5
2004-12-31 CVE-2004-2174 Multiple vulnerabilities in EarlyImpact ProductCart
Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter.
network
early-impact
4.3
2004-12-31 CVE-2004-2173 Multiple vulnerabilities in EarlyImpact ProductCart
SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter.
network
low complexity
early-impact
7.5
2004-12-31 CVE-2004-2172 Inadequate Encryption Strength vulnerability in Netsourcecommerce ProductCart
EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.
network
low complexity
netsourcecommerce CWE-326
7.5
2004-12-31 CVE-2004-2171 Cross-Site Scripting vulnerability in Cherokee Error Page
Cross-site scripting (XSS) vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page.
network
cherokee
4.3
2004-12-31 CVE-2004-2170 Remote Directory Traversal vulnerability in Niti Telecom Caravan Business Server 2.0003D
Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter.
network
low complexity
niti-telecom
5.0