Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2234 | Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | 7.5 |
| 2004-12-31 | CVE-2004-2228 | Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. | 7.2 |
| 2004-12-31 | CVE-2004-2221 | Buffer Overflow vulnerability in Mercantec Softcart 4.00B Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. | 7.5 |
| 2004-12-31 | CVE-2004-2218 | SQL Injection vulnerability in PHPMyWebHosting SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2212 | Remote Input Validation vulnerability in Alivesites Forum 2.0 SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2209 | Remote Input Validation vulnerability in Ideal Science IdealBB SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2206 | SQL Injection vulnerability in Natterchat 1.12 SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2205 | Unspecified vulnerability in Symantec Veritas Cluster Server Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors. | 7.2 |
| 2004-12-31 | CVE-2004-2204 | Unspecified vulnerability in Macromedia Coldfusion 6.0/6.1 Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT. | 7.2 |
| 2004-12-31 | CVE-2004-2203 | Unspecified vulnerability in Ansel Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories. | 7.5 |