Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-24 | CVE-2005-3804 | Remote Debugger Access vulnerability in Cisco 7920 Wireless IP Phone 1.0(8)/2.0 Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service. | 6.4 |
2005-11-24 | CVE-2005-3802 | Unspecified vulnerability in Belkin F5D7230-4 and F5D7232-4 Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication. | 5.1 |
2005-11-24 | CVE-2005-3801 | Unspecified vulnerability in Counterpane Passwordsafe CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks. | 4.6 |
2005-11-24 | CVE-2005-3800 | Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak algorithm to encrypt user password in connection keys that use shared FTP login credentials, which allows attackers to obtain sensitive information. | 5.0 |
2005-11-24 | CVE-2005-3799 | Information Disclosure vulnerability in PHPbb Group PHPbb 2.0.18 phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path. | 5.0 |
2005-11-24 | CVE-2005-3795 | Cross-Site Scripting vulnerability in Alstrasoft Affiliate Network PRO 7.2 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to inject arbitrary web script or HTML via (1) the Err parameter in admin/index.php and the (2) firstname and (3) lastname parameters in index.php. network alstrasoft | 4.3 |
2005-11-24 | CVE-2005-3794 | Information Disclosure vulnerability in Alstrasoft Affiliate Network PRO 7.2 AlstraSoft Affiliate Network Pro 7.2 allows remote attackers to obtain sensitive information via a direct request to scripts such as (1) togateway.php and (2) other unspecified scripts. | 5.0 |
2005-11-24 | CVE-2005-3791 | Remote Security vulnerability in phpAdsNew HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote attackers to inject arbitrary HTML headers via adclick.php and possibly other unspecified vectors. | 5.0 |
2005-11-24 | CVE-2005-3790 | Cross-Site Scripting vulnerability in PHPWCMS Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. network phpwcms | 4.3 |
2005-11-24 | CVE-2005-3789 | Unspecified vulnerability in PHPwcms 1.2.5Dev Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. | 5.0 |