Show filters
323 Total Results
Displaying 311-320 of 323
Sort by:
Attacker Value
Unknown

CVE-2005-0478

Disclosure Date: March 30, 2005 (last updated February 22, 2025)
Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script.
0
0
Attacker Value
Unknown

CVE-2005-0480

Disclosure Date: March 30, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login request, which is recorded in a log file but not properly handled when the administrator views the log file.
0
0
Attacker Value
Unknown

CVE-2005-0482

Disclosure Date: March 30, 2005 (last updated February 22, 2025)
TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a large number of connections with a negative Content-Length header, possibly triggering an integer signedness error, or (2) a large amount of data.
0
0
Attacker Value
Unknown

CVE-2005-0481

Disclosure Date: March 30, 2005 (last updated February 22, 2025)
TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script.
0
0
Attacker Value
Unknown

CVE-2005-0479

Disclosure Date: March 30, 2005 (last updated February 22, 2025)
Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remote attackers to read arbitrary files via ".." sequences and (1) "/" slash), (2) "\" (backslash), or (3) hex-encoded characters in the fn parameter.
0
0
Attacker Value
Unknown

CVE-2004-0916

Disclosure Date: January 27, 2005 (last updated February 22, 2025)
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename.
0
0
Attacker Value
Unknown

CVE-2004-1146

Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script.
0
0
Attacker Value
Unknown

CVE-2004-1456

Disclosure Date: December 31, 2004 (last updated February 22, 2025)
filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo.
0
0
Attacker Value
Unknown

CVE-2004-1444

Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.
0
0
Attacker Value
Unknown

CVE-2004-0604

Disclosure Date: December 06, 2004 (last updated February 22, 2025)
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
0
0
View More Topics  < Previous  Next >