Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2057 | Multiple vulnerability in XLineSoft ASPRunner SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements. | 7.5 |
| 2004-12-31 | CVE-2004-2056 | SQL-Injection vulnerability in Nucleus Group Nucleus CMS 3.01 SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2052 | Remote Security vulnerability in Thintune eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing. | 7.5 |
| 2004-12-31 | CVE-2004-2026 | Remote Format String vulnerability in APSIS Pound Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages. | 7.5 |
| 2004-12-31 | CVE-2004-2025 | SQL-Injection vulnerability in ZEN Cart ZEN Cart 1.1.3 SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2024 | Remote Security vulnerability in ZEN Cart ZEN Cart 1.1.4 The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | 7.5 |
| 2004-12-31 | CVE-2004-2023 | SQL Injection vulnerability in ZEN Cart ZEN Cart 1.1.2D/1.1.4 SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters. | 7.5 |
| 2004-12-31 | CVE-2004-2018 | Unspecified vulnerability in Francisco Burzi PHP-Nuke PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2004-12-31 | CVE-2004-2016 | Remote Buffer Overflow vulnerability in NetChat Web Server Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. | 7.5 |
| 2004-12-31 | CVE-2004-2013 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | 7.8 |