Security Vulnerabilities, CVEs, Published In December 2004 (Gain Privilege)
Polar HelpDesk 3.0 allows remote attackers to bypass authentication by setting the UserId and UserType values in a cookie.
Max CVSS
5.0
EPSS Score
1.64%
Published
2004-12-31
Updated
2017-07-29
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
Max CVSS
10.0
EPSS Score
1.99%
Published
2004-12-31
Updated
2017-07-29
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character.
Max CVSS
7.1
EPSS Score
2.78%
Published
2004-12-31
Updated
2017-07-29
edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false.
Max CVSS
7.5
EPSS Score
8.47%
Published
2004-12-31
Updated
2017-07-29
Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server.
Max CVSS
7.5
EPSS Score
0.34%
Published
2004-12-31
Updated
2008-09-05
5 vulnerabilities found