Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-23 | CVE-2004-0246 | Module File Include vulnerability in Laurent Adda LES Commentaires 2.0 Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | 10.0 |
| 2004-11-23 | CVE-2004-0241 | Remote Command Execution vulnerability in Qualiteam X-Cart X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php. | 10.0 |
| 2004-11-23 | CVE-2004-0239 | SQL Injection vulnerability in All Enthusiast Photopost PHP Pro SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable. | 10.0 |
| 2004-11-23 | CVE-2004-0236 | SQL Injection vulnerability in SteelID thePhotoTool Login.ASP SQL injection vulnerability in login.asp in thePHOTOtool allows remote attackers to gain unauthorized access via the password field. | 10.0 |
| 2004-11-03 | CVE-2004-0840 | Improper Input Validation vulnerability in Microsoft Exchange Server, Windows Server 2003 and Windows XP The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | 10.0 |
| 2004-11-03 | CVE-2004-0836 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | 10.0 |
| 2004-11-03 | CVE-2004-0575 | Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation. | 10.0 |
| 2004-11-03 | CVE-2004-0574 | Out-Of-Bounds Write vulnerability in Microsoft products The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. | 10.0 |
| 2004-11-03 | CVE-2004-0572 | Local Buffer Overrun vulnerability in Microsoft Windows Program Group Converter Filename Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe. | 10.0 |
| 2004-11-03 | CVE-2004-0216 | Unspecified vulnerability in Microsoft IE and Internet Explorer Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | 10.0 |