CVE-2004-2333

Bodington 2.1.0 RC1 and earlier does not secure the file upload area, which allows remote attackers to read uploaded files.

Publication date: Fri, 31 Dec 2004 11:00:00 +0000

Cyber News related to CVE-2004-2333

CVE-2004-2333 - Bodington 2.1.0 RC1 and earlier does not secure the file upload area, which allows remote attackers to read uploaded files. ...
7 years ago

CVE-2004-1159 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1122, CVE-2004-1314. Reason: this was an out-of-band assignment duplicate intended for one issue, but the description and references inadvertently combined multiple issues. ...
55 years ago Tenable.com

CVE-2004-0868 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of CVE-2004-0866. Notes: The description for CVE-2004-0866 was inadvertently attached to this issue instead. All CVE users should ...
55 years ago Tenable.com

CVE-2012-2191 - IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC ...
7 years ago

CVE-2002-2333 - Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. ...
16 years ago

CVE-2005-2333 - Cross-site scripting (XSS) vulnerability in smilies_popup.php in SEO-Board 1.0 allows remote attackers to inject arbitrary web script or HTML via the doc parameter. ...
16 years ago

CVE-2010-2333 - LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension. ...
14 years ago

CVE-2007-2333 - Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow ...
13 years ago

CVE-2016-2333 - SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by ...
8 years ago

CVE-2015-2333 - Cross-site scripting (XSS) vulnerability in the MyCode editor in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
8 years ago

CVE-2014-2333 - Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information. ...
7 years ago

CVE-2009-2333 - Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the menu parameter to admin/admin_menu.php, and the id parameter to (2) ...
7 years ago

CVE-2012-2333 - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified ...
7 years ago

CVE-2008-2333 - Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter. ...
6 years ago

CVE-2006-2333 - Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote attackers to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification, which is not properly handled ...
6 years ago

CVE-2017-2333 - A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a ...
5 years ago

CVE-2019-2333 - Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & ...
5 years ago

CVE-2013-2333 - Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680. ...
5 years ago

CVE-2021-2333 - Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Alter User privilege with network ...
3 years ago

CVE-2022-2333 - If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions. ...
2 years ago

CVE-2023-2333 - The Ninja Forms Google Sheet Connector WordPress plugin before 1.2.7, gsheetconnector-ninja-forms-pro WordPress plugin through 1.2.7 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting ...
1 year ago

CVE-2018-2333 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
55 years ago Tenable.com

CVE-2024-2333 - A vulnerability classified as critical has been found in CodeAstro Membership Management System 1.0. Affected is an unknown function of the file /add_members.php. The manipulation of the argument fullname leads to sql injection. It is possible to ...
10 months ago

CVE-2004-1060 - Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't ...
6 years ago

CVE-2004-0791 - Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source ...
6 years ago

Latest Cyber News

CVE-2025-24982 - 23 hours ago
CVE-2025-22475 - 1 day ago
CVE-2025-1003 - 1 day ago
CVE-2025-0148 - 1 day ago
CVE-2025-24957 - 1 day ago
CVE-2025-24958 - 1 day ago
CVE-2025-22129 - 1 day ago
CVE-2025-23210 - 1 day ago
CVE-2025-24029 - 1 day ago
CVE-2025-24371 - 1 day ago
CVE-2025-24901 - 1 day ago
CVE-2025-24902 - 1 day ago
CVE-2025-24905 - 1 day ago
CVE-2025-24906 - 1 day ago
CVE-2024-35177 - 1 day ago
CVE-2024-47770 - 1 day ago
CVE-2025-24960 - 1 day ago
CVE-2025-24961 - 1 day ago
CVE-2025-24962 - 1 day ago
CVE-2025-22918 - 1 day ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-20141 - 2 days ago
CVE-2024-20142 - 2 days ago
CVE-2024-20147 - 2 days ago
CVE-2025-20631 - 2 days ago
CVE-2025-20632 - 2 days ago
CVE-2025-20633 - 2 days ago
CVE-2025-20634 - 2 days ago
CVE-2025-20635 - 2 days ago
CVE-2025-20636 - 2 days ago
CVE-2025-20637 - 2 days ago
CVE-2025-20638 - 2 days ago
CVE-2025-20639 - 2 days ago
CVE-2025-20640 - 2 days ago
CVE-2025-20641 - 2 days ago
CVE-2025-20642 - 2 days ago
CVE-2025-20643 - 2 days ago
CVE-2025-25062 - 2 days ago
CVE-2025-25063 - 2 days ago
CVE-2024-57966 - 1 day ago
CVE-2024-13347 - 1 day ago