CVE-2004-0250

This is an entry in the Common Vulnerability Index under number CVE-2004-0250. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-0250

Description: SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain privileges via (1) the product parameter in showproduct.php or (2) the cat parameter in showcat.php.

Continue Reading …

CVE-2004-1929

This is an entry in the Common Vulnerability Index under number CVE-2004-1929. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-1929

Description: SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter.

Continue Reading …

CVE-2004-0930

This is an entry in the Common Vulnerability Index under number CVE-2004-0930. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-0930

Description: The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

Continue Reading …

CVE-2004-2511

This is an entry in the Common Vulnerability Index under number CVE-2004-2511. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-2511

Description: Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the year,

Continue Reading …

CVE-2004-1060

This is an entry in the Common Vulnerability Index under number CVE-2004-1060. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-1060

Description: Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP (“Fragmentation Needed and Don’t Fragment was Set”) packets with a low next-hop MTU value,

Continue Reading …

CVE-2004-0513

This is an entry in the Common Vulnerability Index under number CVE-2004-0513. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-0513

Description: Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to “logging when tracing system calls.”

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2004-2063

This is an entry in the Common Vulnerability Index under number CVE-2004-2063. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-2063

Description: Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter.

Continue Reading …

CVE-2004-1932

This is an entry in the Common Vulnerability Index under number CVE-2004-1932. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-1932

Description: SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter.

Continue Reading …

CVE-2004-0577

This is an entry in the Common Vulnerability Index under number CVE-2004-0577. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2004-0577

Description: WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.

Continue Reading …