Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2008-10-28	CVE-2008-4759	Path Traversal vulnerability in Buzzscripts Buzzywall 1.3.1 Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. network low complexity buzzscripts CWE-22	5.0
2008-10-28	CVE-2008-4758	Path Traversal vulnerability in PHP-Daily Directory traversal vulnerability in download_file.php in PHP-Daily allows remote attackers to read arbitrary local files via a .. network low complexity php-daily CWE-22	5.0
2008-10-28	CVE-2008-4756	Cross-Site Scripting vulnerability in PHP-Daily Cross-site scripting (XSS) vulnerability in add_prest_date.php in PHP-Daily allows remote attackers to inject arbitrary web script or HTML via the date parameter. network php-daily CWE-79	4.3
2008-10-27	CVE-2008-4754	SQL Injection vulnerability in Scripts-For-Sites EZ Forum SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. low complexity scripts-for-sites CWE-89	5.8
2008-10-27	CVE-2008-4751	Cross-Site Scripting vulnerability in Epistream Ipei Guestbook 2.0 Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the pg parameter, a different vector than CVE-2005-4597. network epistream CWE-79	4.3
2008-10-27	CVE-2008-4745	Cross-Site Scripting vulnerability in Uniwin Ecart Professional 2.0.17 Cross-site scripting (XSS) vulnerability in emailFriend.asp in Uniwin eCart Professional 2.0.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network uniwin CWE-79	4.3
2008-10-27	CVE-2008-4742	Cross-Site Scripting vulnerability in Timetrex 2.2.11 Multiple cross-site scripting (XSS) vulnerabilities in interface/Login.php in TimeTrex 2.2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) password and (2) user_name parameters. network timetrex CWE-79	4.3
2008-10-27	CVE-2008-4741	Path Traversal vulnerability in Far-PHP 1.00 Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. network low complexity far-php CWE-22	5.0
2008-10-27	CVE-2008-4740	Path Traversal vulnerability in Tinycms 1.1.2 Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. network high complexity tinycms CWE-22	5.1
2008-10-27	CVE-2006-7234	Local Code Execution vulnerability in Lynx '.mailcap' and '.mime.type' Files Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory. local low complexity lynx	4.6

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium