Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-22 | CVE-2005-3742 | Cross-Site Scripting vulnerability in Advanced Poll Advanced Poll 2.0.2 Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter. network advanced-poll | 4.3 |
2005-11-22 | CVE-2005-3739 | Remote Security vulnerability in PHP-Fusion Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and earlier allows remote attackers to obtain the full path via unspecified vectors. | 5.0 |
2005-11-22 | CVE-2005-3737 | Buffer Overflow vulnerability in Inkscape SVG Image Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. | 5.1 |
2005-11-22 | CVE-2005-3736 | Unspecified vulnerability in Coastal Data Management E-Quick Cart Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname parameter in shopmaillist.asp, (3) strpid parameter in shopprojectlogin.asp, and (4) Custname parameter in shoptellafriend.asp. network coastal-data-management | 4.3 |
2005-11-22 | CVE-2005-3734 | Cross-Site Scripting vulnerability in PHPMyFAQ Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters. network phpmyfaq | 4.3 |
2005-11-21 | CVE-2005-2339 | Cross-Site Scripting vulnerability in Msearch Unicode Msearch 1.51U1/1.51U1Beta1/1.52U1 Cross-site scripting (XSS) vulnerability in the Unicode version of msearch (unicode-msearch) 1.51(U1)-beta1, 1.51(U1), and 1.52(U1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network msearch | 4.3 |
2005-11-21 | CVE-2005-3632 | Buffer Overflow vulnerability in NetPBM PNMToPNG Long Text Line Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file. | 4.6 |
2005-11-21 | CVE-2005-3730 | Cross-Site Scripting vulnerability in Revize CMS HTTPTranslatorServlet Multiple cross-site scripting (XSS) vulnerabilities in HTTPTranslatorServlet in Idetix Software Systems Revize CMS allow remote attackers to inject arbitrary web script or HTML via the (1) resourcetype, (2) objectmap, and (3) redirect parameters, possibly involving setWebSpace.jsp. network revize-cms | 4.3 |
2005-11-21 | CVE-2005-3729 | Information Disclosure vulnerability in Revize CMS Idetix Software Systems Revize CMS allows remote attackers to obtain sensitive information via direct requests to files in the revize/debug directory, such as (1) apptables.html and (2) main.html. | 5.0 |
2005-11-21 | CVE-2005-3728 | Information Disclosure vulnerability in Revize CMS Revize.XML Idetix Software Systems Revize CMS stores conf/revize.xml under the web document root with insufficient access control, which allows remote attackers to obtain sensitive configuration information. | 5.0 |