best_software 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2004-1611 | SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle (MITM) attack, or (2) obtain the database password via a GetConnection request to TCP port 1707. | [email protected] | 5.1 | 1.58% | 2004-10-18 | 2026-06-16 |
| CVE-2004-1610 | SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables. | [email protected] | 7.5 | 2.25% | 2004-10-18 | 2026-06-16 |
| CVE-2004-1609 | SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access. | [email protected] | 5.0 | 1.78% | 2004-10-18 | 2026-06-16 |
| CVE-2004-1608 | SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation. | [email protected] | 7.5 | 1.53% | 2004-10-18 | 2026-06-16 |
| CVE-2004-1607 | slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an invalid file parameter, which reveals the path in an error message. | [email protected] | 5.0 | 1.78% | 2004-10-18 | 2026-06-16 |
| CVE-2004-1606 | slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) via an invalid HTTP request, which might also leak sensitive information in the ErrorLogMsg cookie. | [email protected] | 6.4 | 2.04% | 2004-10-18 | 2026-06-16 |
| CVE-2004-1605 | SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator. | [email protected] | 7.5 | 2.12% | 2004-10-14 | 2026-06-16 |