CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
9985 | CVE-2004-1557 | Candidate | MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a direct HTTP request to (1) /admin or (2) ServerProperties.html. | Assigned (20050220) | None (candidate not yet proposed) | View | |
9984 | CVE-2004-1556 | Candidate | MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time. | Assigned (20050220) | None (candidate not yet proposed) | View | |
9983 | CVE-2004-1555 | Candidate | Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp. | Assigned (20050220) | None (candidate not yet proposed) | View | |
9982 | CVE-2004-1554 | Candidate | PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code. | Assigned (20050220) | None (candidate not yet proposed) | View | |
9981 | CVE-2004-1553 | Candidate | SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. | Assigned (20050220) | None (candidate not yet proposed) | View |
Page 18947 of 20943, showing 5 records out of 104715 total, starting on record 94731, ending on 94735