Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rafel ivgi the-insider vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2004-2104
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote malicious users to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.
Novell Netware 5.1Novell Netware 6.0
NA
CVE-2004-1947
The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote malicious users to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase th...
Softwin Bitdefender
NA
CVE-2004-2094
Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows remote malicious users to inject arbitrary HTML or web script as other users via a URL that contains the script.
Darkwet Webcam Xp 1.6.945
NA
CVE-2004-2745
Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in a URL.
Anteco Visual Technologies Ownserver
NA
CVE-2004-2121
Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and previous versions allow remote malicious users to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences,...
Borland Software Web Server For Corel Paradox
NA
CVE-2004-0337
Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote malicious users to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be repro...
Software602 602pro Lan Suite 2002Software602 602pro Lan Suite 2003
NA
CVE-2004-1813
VocalTec VGW4/8 Gateway 8.0 allows remote malicious users to bypass authentication via an HTTP request to home.asp with a trailing slash (/).
Vocaltec Vgw4 8 Telephony Gateway 8.0
NA
CVE-2004-1904
Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote malicious users to execute arbitrary code via the Internacional property followed by a long string.
Panda Activescan 5.0
NA
CVE-2004-0358
Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote malicious users to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the cat...
Virtuasystems Virtuanews Pro 1.0Virtuasystems Virtuanews Pro 1.0.1Virtuasystems Virtuanews Pro 1.0.2Virtuasystems Virtuanews Pro 1.0.3
NA
CVE-2004-1910
rufsi.dll in Symantec Virus Detection allows remote malicious users to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, al...
Symantec Security Check Virus Detection
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324path traversalCVE-2024-4743CVE-2024-5184TCPCVE-2024-27822code injectionCVE-2024-28995CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook