This page lists publicly disclosed CVE vulnerabilities affecting geeos_team gattaca_server_2003 (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2004-2522 | Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter. | [email protected] | 4.3 | 1.53% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2521 | Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to perform a denial of service (application crash) via a large number of connections to TCP port (1) 25 (SMTP) or (2) 110 (POP). | [email protected] | 5.0 | 1.27% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2519 | Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial of service (CPU consumption) via directory specifiers in the LANGUAGE parameter to (1) index.tmpl and (2) web.tmpl, such as (a) slash "/", (b) backslash "\", (c) dot ".",, (d) dot dot "..", and (e) internal slash "lang//en". | [email protected] | 5.0 | 7.20% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2518 | Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message. | [email protected] | 5.0 | 12.73% | 2004-12-31 | 2026-04-16 |