Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2750 | Path Traversal vulnerability in Jbrowser 1.0/2.0/2.1 Directory traversal vulnerability in browser.php in JBrowser 1.0 through 2.1 allows remote attackers to read arbitrary files via the directory parameter. | 5.0 |
| 2004-12-31 | CVE-2004-2749 | Path Traversal vulnerability in 2Wire Homeportal Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. | 4.3 |
| 2004-12-31 | CVE-2004-2748 | Information Exposure vulnerability in Webtrends Reporting Center 6.1A viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message. | 4.3 |
| 2004-12-31 | CVE-2004-2747 | Path Traversal vulnerability in Pablo Software Solutions Quick N Easy FTP Server 1.77 Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. | 4.0 |
| 2004-12-31 | CVE-2004-2744 | Remote Security vulnerability in Mailing List Manager Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has unknown impact and attack vectors, related to a "security update release." | 5.0 |
| 2004-12-31 | CVE-2004-2743 | Permissions, Privileges, and Access Controls vulnerability in Raditha Dissanayake Mega Upload Progress BAR upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files. | 6.4 |
| 2004-12-31 | CVE-2004-2742 | Cross-Site Scripting vulnerability in Businessobjects Crystal Enterprise 10/8.5/9 Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RPT) file. | 4.3 |
| 2004-12-31 | CVE-2004-2741 | Cross-Site Scripting vulnerability in Horde Application Framework Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters. | 4.3 |
| 2004-12-31 | CVE-2004-2740 | Code Injection vulnerability in PHProjekt PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows remote attackers to include arbitrary PHP code via a URL in the path_pre parameter. | 4.3 |
| 2004-12-31 | CVE-2004-2738 | Cross-Site Scripting vulnerability in Zeroboard 4.1Pl2/4.1Pl3/4.1Pl4 Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. | 4.3 |