EUVD-2004-2436

Malicious code in bioql PyPI...

CVE-2004-2444

Cross-site scripting XSS vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2004-2443

The CVE affects Jaws 0.3. An authentication bypass is possible via an HTTP request to admin.php where the cookie is set to the MD5 hash of a null password; this is compared against the logged session variable in application.php’s logged_on function. This yields a likely auth bypass with partial c...

CVE-2004-2444

CVE-2004-2444 describes a cross-site scripting (XSS) flaw in index.php of Jaws 0.3, exploitable via the action parameter to inject arbitrary script/HTML. The provided documents do not include explicit vendor/version patches or a confirmed exploit in the wild. No additional technical details, root...

CVE-2004-2445

Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. dot dot in the gadget parameter...

CVE-2004-2443

Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the loggedon function in application.php...

CVE-2004-2445

CVE-2004-2445: Directory traversal in Jaws 0.3 BETA index.php via the gadget parameter allows remote attackers to view arbitrary files using dot-dot sequences. This is documented in multiple sources (NVD/CVE records and Nessus-like disclosures) and confirms a file-read vulnerability in the early ...

CVE-2004-2443

Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the loggedon function in application.php...