Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-27 | CVE-2005-3085 | Cross-Site Scripting vulnerability in Riverdark Studios RSS Syndicator Module 2.1.7 Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters. network riverdark-studios | 4.3 |
| 2005-09-27 | CVE-2005-3084 | Denial-Of-Service vulnerability in Sony Playstation Portable 2.0Firmware Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image. | 5.0 |
| 2005-09-27 | CVE-2005-3083 | Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 0.10 Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 0.10 allows remote attackers to inject arbitrary web script or HTML via the page parameter. network cmsmadesimple | 4.3 |
| 2005-09-27 | CVE-2005-3081 | Unspecified vulnerability in Wzdftpd 0.5.4 wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command. | 4.6 |
| 2005-09-27 | CVE-2005-3080 | Local File Include vulnerability in GeSHI contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set. | 5.0 |
| 2005-09-27 | CVE-2005-3079 | Remote Security vulnerability in Punbb PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection. | 4.6 |
| 2005-09-27 | CVE-2005-3078 | Cross-Site Scripting vulnerability in Punbb Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature. network punbb | 4.3 |
| 2005-09-27 | CVE-2005-3077 | Denial of Service vulnerability in Microsoft IE for Macintosh 5.2.3 Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers to cause a denial of service (crash) via a web page with malformed attributes in a BGSOUND tag, possibly involving double-quotes in an about: URI. | 5.0 |
| 2005-09-27 | CVE-2005-2710 | Unspecified vulnerability in Realnetworks Helix Player and Realplayer Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file. | 5.1 |
| 2005-09-27 | CVE-2005-3073 | Multiple vulnerability in Interchange Development Group Interchange 4.9.3/5.0/5.2 Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) "mike", (2) "standard", or (3) "foundation" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page. | 5.0 |