Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-26 | CVE-2006-4376 | Cross-Site Scripting vulnerability in Eichhorn Portal Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module. | 5.1 |
2006-08-26 | CVE-2006-4371 | Information Disclosure vulnerability in Alt-N Webadmin 3.2.3/3.2.4 Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. | 4.0 |
2006-08-25 | CVE-2006-4353 | Information Disclosure vulnerability in SUN Java System Content Delivery Server 4.0/4.1/5.0 Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors. | 5.0 |
2006-08-25 | CVE-2006-4352 | Information Disclosure vulnerability in Cisco Content Services Switch 11000 Series The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | 5.0 |
2006-08-25 | CVE-2006-3744 | Numeric Errors vulnerability in ImageMagick Multiple integer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. | 5.1 |
2006-08-25 | CVE-2006-3743 | Buffer Overflow vulnerability in ImageMagick XCF Image File Remote Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. | 5.1 |
2006-08-25 | CVE-2006-2113 | Improper Authentication vulnerability in multiple products The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server. | 6.4 |
2006-08-24 | CVE-2006-4351 | Cross-Site Scripting vulnerability in Oneorzero 1.6.4.1 Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 6.8 |
2006-08-24 | CVE-2006-4344 | Email Header Injection vulnerability in CGI-Rescue Mail F/W System 8.3 CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi. | 5.0 |
2006-08-24 | CVE-2006-4333 | Resource Management Errors vulnerability in Wireshark The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. | 5.4 |