Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2159 Buffer Overflow vulnerability in Xmlstarlet Command Line XML Toolkit 0.9.3
Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.
network
low complexity
xmlstarlet
critical
10.0
2004-12-31 CVE-2004-2158 Input Validation vulnerability in S9Y Serendipity 0.7Beta1
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
network
low complexity
s9y
7.5
2004-12-31 CVE-2004-2157 Input Validation vulnerability in S9Y Serendipity 0.7Beta1
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field.
network
s9y
4.3
2004-12-31 CVE-2004-2156 Security vulnerability in Recruitment Agency Software Online Recruitment Agency 1.0
Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors.
network
low complexity
recruitment-agency-software
critical
10.0
2004-12-31 CVE-2004-2155 Authentication Bypass vulnerability in Online-Bookmarks
Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php.
network
low complexity
online-bookmarks
7.5
2004-12-31 CVE-2004-2154 Improper Handling of Case Sensitivity vulnerability in multiple products
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
network
low complexity
apple canonical CWE-178
critical
9.8
2004-12-31 CVE-2004-2153 Multiple Unspecified vulnerability in Real Estate Management Software Real Estate Management Software 1.0
Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors.
network
low complexity
real-estate-management-software
critical
10.0
2004-12-31 CVE-2004-2152 Cross-Site Scripting vulnerability in MediaWiki Raw Page
Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.
network
mediawiki
4.3
2004-12-31 CVE-2004-2151 Denial Of Service vulnerability in Virtual Projects Chatman
Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size.
network
low complexity
virtual-projects
5.0
2004-12-31 CVE-2004-2149 Remote Buffer Overflow vulnerability in MySQL Bounded Parameter Statement Execution
Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
network
low complexity
oracle
5.0