Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2672 | Remote Security vulnerability in Argosoft FTP Server 1.4.2 Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2669 | Remote SQL Injection vulnerability in Neocrome Land Down Under 701 Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php. | 7.5 |
| 2004-12-31 | CVE-2004-2668 | SQL-Injection vulnerability in Interchange SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2663 | Unspecified vulnerability in IBM Egatherer 2.0.0.16 The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | 7.5 |
| 2004-12-31 | CVE-2004-2653 | Remote Security vulnerability in Megabbs 2.0/2.1 Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving (1) admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp. | 7.5 |
| 2004-12-31 | CVE-2004-2652 | Remote Denial Of Service vulnerability in Snort DecodeTCPOptions The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference. | 7.8 |
| 2004-12-31 | CVE-2004-2639 | Remote Security vulnerability in Journalness Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2638 | Unspecified vulnerability in Oscommerce 1.5.1 The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value. | 7.5 |
| 2004-12-31 | CVE-2004-2635 | Information Disclosure vulnerability in Mcafee Security Installer Control System 4.0.0.81 An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method. | 7.5 |
| 2004-12-31 | CVE-2004-2632 | Input Validation vulnerability in phpMyAdmin phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables. | 7.5 |