Search Results | AttackerKB

Show filters

Topics 736 Users 9,789

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

736 Total Results

Displaying 711-720 of 736

Attacker Value

Unknown

CVE-2005-1115

Disclosure Date: May 02, 2005 (last updated February 22, 2025)

Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php.

0

Attacker Value

Unknown

CVE-2005-1275

Disclosure Date: April 25, 2005 (last updated February 22, 2025)

Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

0

Attacker Value

Unknown

CVE-2005-0892

Disclosure Date: March 28, 2005 (last updated February 22, 2025)

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.

0

Attacker Value

Unknown

CVE-2004-1588

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp.

0

Attacker Value

Unknown

CVE-2004-2585

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area.

0

Attacker Value

Unknown

CVE-2004-2555

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.

0

Attacker Value

Unknown

CVE-2004-2587

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow.

0

Attacker Value

Unknown

CVE-2004-2584

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.

0

Attacker Value

Unknown

CVE-2004-2586

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter.

0

Attacker Value

Unknown

CVE-2004-1589

Disclosure Date: December 31, 2004 (last updated February 22, 2025)

Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp.

0