Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2269 | Local Security vulnerability in Passive Asset Detection System Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. | 7.2 |
| 2004-12-31 | CVE-2004-2266 | Input Validation vulnerability in Ansel SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2265 | Unspecified vulnerability in Uudeview 0.5.18/0.5.19 UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. | 7.2 |
| 2004-12-31 | CVE-2004-2263 | SQL Injection vulnerability in Anton Raharja PlaySMS Valid Function SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie. | 7.5 |
| 2004-12-31 | CVE-2004-2254 | Authentication Bypass vulnerability in SurgeLDAP Web Administration SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2250 | Remote Security vulnerability in Audienceconnect Remoteeditor Unknown vulnerability in the "access code" in RemoteEditor before 0.1.6 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | 7.5 |
| 2004-12-31 | CVE-2004-2249 | Remote Security vulnerability in Audienceconnect Secureeditor Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | 7.5 |
| 2004-12-31 | CVE-2004-2243 | Remote Security vulnerability in Phorum 4.3.7 Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. | 7.5 |
| 2004-12-31 | CVE-2004-2240 | Cross-Site Scripting and SQL Injection vulnerability in Phorum 5.0.11 Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | 7.5 |
| 2004-12-31 | CVE-2004-2239 | Multiple vulnerability in Inter7 Vpopmail Vsybase.c Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. | 7.5 |