Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-02-23 | CVE-2004-0324 | Remote Command Execution vulnerability in Confirm E-Mail Header Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header that contains shell metacharacters such as ", `, |, ;, or $. | 7.5 |
2004-02-17 | CVE-2004-0073 | Remote PHP File Include vulnerability in Stoitsov Easydynamicpages 2.0 PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script. | 7.5 |
2004-02-17 | CVE-2004-0070 | Remote Command Execution vulnerability in VisualShapers EZContents Module.PHP PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-02-17 | CVE-2004-0069 | Unspecified vulnerability in HD Soft Windows FTP Server Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. | 7.5 |
2004-02-17 | CVE-2004-0068 | Remote Command Execution vulnerability in PHPDig Config.PHP Include PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 and earlier allows remote attackers to execute arbitrary PHP code by modifying the $relative_script_path parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-02-17 | CVE-2004-0065 | SQL Injection vulnerability in PhpGedView Placelist.PHP Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php. | 7.5 |
2004-02-17 | CVE-2004-0063 | Unspecified vulnerability in Ncipher Payshield SPP Library 1.3.12/1.5.18/1.6.18 The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. | 7.5 |
2004-02-17 | CVE-2004-0062 | Remote Security vulnerability in FishCart Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity. | 7.5 |
2004-02-17 | CVE-2004-0061 | Security Bypass vulnerability in WWW File Share Pro WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . | 7.5 |
2004-02-17 | CVE-2004-0056 | Unspecified vulnerability in Nortel products Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | 7.5 |