CVSS: 4.3EPSS: 1%CPEs: 13EXPL: 0CVE-2004-2497
https://notcve.org/view.php?id=CVE-2004-2497
Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://secunia.com/advisories/12150 http://www.hitachi-support.com/security_e/vuls_e/HS04-003_e/index-e.html http://www.osvdb.org/8264 http://www.securityfocus.com/bid/10818 https://exchange.xforce.ibmcloud.com/vulnerabilities/16822 •
CVSS: 5.0EPSS: 13%CPEs: 11EXPL: 0CVE-2004-0928
https://notcve.org/view.php?id=CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm". • http://marc.info/?l=bugtraq&m=109621995623823&w=2 http://secunia.com/advisories/12638 http://secunia.com/advisories/12647 http://www.idefense.com/application/poi/display?id=148&type=vulnerabilities http://www.kb.cert.org/vuls/id/977440 http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html http://www.macromedia.com/devnet/security/security_zone/mpsb04-09.html http://www.securityfocus.com/bid/11245 https://exchange.xforce.ibmcloud.com/vulnerabilities/17484 •
CVSS: 5.0EPSS: 24%CPEs: 2EXPL: 0CVE-2003-0564
https://notcve.org/view.php?id=CVE-2003-0564
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. Múltiples vulnerabilidades en múltiples implementaciones de fabricantes del protocolo S/MIME (Secure/Multiporpouse Internet Mail Extensions) permiten a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante un mensaje de correo electrónico S/MIME conteniendo ciertas instrucciones ASN.1 inesperadas, como se ha demostrado usando el paquete de pruebas NISSC. • ftp://patches.sgi.com/support/free/security/advisories/20040402-01-U.asc http://marc.info/?l=bugtraq&m=108448379429944&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://www.kb.cert.org/vuls/id/428230 http://www.mandriva.com/security/advisories?name=MDKSA-2004:021 http://www.redhat.com/support/errata/RHSA-2004-110.html http://www.redhat.com/support/errata/RHSA-2004-112.html http://www.securityfocus.com/bid/8981 http://www.uniras.gov.uk/vuls/2003& •