SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters.
Max CVSS
7.5
EPSS Score
0.35%
Published
2004-07-29
Updated
2017-07-11
SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the (1) linpha_userid or (2) linpha_password cookies.
Max CVSS
7.5
EPSS Score
0.22%
Published
2004-07-29
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the (1) Email or (2) Website fields.
Max CVSS
4.3
EPSS Score
0.44%
Published
2004-07-29
Updated
2017-07-11
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.
Max CVSS
9.8
EPSS Score
17.23%
Published
2004-07-27
Updated
2024-02-08
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.
Max CVSS
4.3
EPSS Score
0.55%
Published
2004-07-19
Updated
2017-07-11
PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitrary PHP code via the site parameter.
Max CVSS
7.5
EPSS Score
6.57%
Published
2004-07-24
Updated
2017-07-11
The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL.
Max CVSS
5.0
EPSS Score
0.28%
Published
2004-07-24
Updated
2017-07-11
Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter.
Max CVSS
5.0
EPSS Score
5.14%
Published
2004-07-23
Updated
2017-07-11
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.
Max CVSS
5.0
EPSS Score
1.04%
Published
2004-07-22
Updated
2017-07-11
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.
Max CVSS
7.2
EPSS Score
0.08%
Published
2004-07-30
Updated
2017-07-11
Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.
Max CVSS
5.0
EPSS Score
4.72%
Published
2004-07-30
Updated
2017-07-11
WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory.
Max CVSS
7.5
EPSS Score
1.06%
Published
2004-07-30
Updated
2017-07-11
Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is executed when the administrator's browser loads the page with the img tag.
Max CVSS
8.8
EPSS Score
0.52%
Published
2004-07-30
Updated
2024-02-08
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
Max CVSS
10.0
EPSS Score
0.79%
Published
2004-07-27
Updated
2017-07-11
LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow.
Max CVSS
5.0
EPSS Score
0.33%
Published
2004-07-27
Updated
2017-07-11
The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow.
Max CVSS
5.0
EPSS Score
1.17%
Published
2004-07-27
Updated
2017-07-11
Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long filename.
Max CVSS
7.5
EPSS Score
0.52%
Published
2004-07-27
Updated
2017-07-11
Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to execute arbitrary SQL via the (1) min or (2) categ parameters.
Max CVSS
7.5
EPSS Score
0.15%
Published
2004-07-27
Updated
2017-07-11
Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, or (11) mod3 parameters.
Max CVSS
7.5
EPSS Score
0.82%
Published
2004-07-27
Updated
2017-07-11
The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.
Max CVSS
5.0
EPSS Score
0.55%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0735

Public exploit
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
Max CVSS
7.5
EPSS Score
42.99%
Published
2004-07-27
Updated
2017-07-11
Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
Max CVSS
7.5
EPSS Score
20.97%
Published
2004-07-27
Updated
2017-07-11
Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call.
Max CVSS
7.5
EPSS Score
9.13%
Published
2004-07-27
Updated
2017-10-11
SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to execute arbitrary SQL statements via the instory parameter.
Max CVSS
7.5
EPSS Score
0.26%
Published
2004-07-27
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field.
Max CVSS
6.8
EPSS Score
0.80%
Published
2004-07-27
Updated
2017-07-11
101 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!