CVE List

Id CVE No. Status Description Phase Votes Comments Actions
9985  CVE-2004-1557  Candidate  MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a direct HTTP request to (1) /admin or (2) ServerProperties.html.  Assigned (20050220)  None (candidate not yet proposed)    View
9984  CVE-2004-1556  Candidate  MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time.  Assigned (20050220)  None (candidate not yet proposed)    View
9983  CVE-2004-1555  Candidate  Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.  Assigned (20050220)  None (candidate not yet proposed)    View
9982  CVE-2004-1554  Candidate  PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.  Assigned (20050220)  None (candidate not yet proposed)    View
9981  CVE-2004-1553  Candidate  SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action.  Assigned (20050220)  None (candidate not yet proposed)    View

Page 18947 of 20943, showing 5 records out of 104715 total, starting on record 94731, ending on 94735

Actions