Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-27 | CVE-2005-3067 | Cross-Site Scripting vulnerability in PerlDiver Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver 2.x allows remote attackers to inject arbitrary web script or HTML via the module parameter. network scriptsolutions | 4.3 |
2005-09-27 | CVE-2005-3066 | Cross-Site Scripting vulnerability in PerlDiver Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver 1.x allows remote attackers to inject arbitrary web script or HTML via the query string. network scriptsolutions | 4.3 |
2005-09-27 | CVE-2005-3065 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Multitheftauto MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read. | 5.0 |
2005-09-27 | CVE-2005-3064 | Denial-Of-Service vulnerability in MultiTheftAuto MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt). | 5.0 |
2005-09-24 | CVE-2005-3050 | Information Disclosure vulnerability in PHPmyfaq 1.5.1 PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information via a LANGCODE parameter that does not exist, which reveals the path in an error message. | 5.0 |
2005-09-24 | CVE-2005-3049 | Unspecified vulnerability in PHPmyfaq 1.5.1 PhpMyFaq 1.5.1 stores data files under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain sensitive information via a direct request to the data/tracking[DATE] file. | 5.0 |
2005-09-24 | CVE-2005-3048 | Directory Traversal vulnerability in PHPmyfaq 1.5.1 Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. | 6.4 |
2005-09-24 | CVE-2005-3047 | Cross-Site Scripting vulnerability in PHPmyfaq 1.5.1 Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PMF_CONF[version] parameter to footer.php or (2) PMF_LANG[metaLanguage] to header.php. | 4.3 |
2005-09-24 | CVE-2005-3046 | SQL Injection vulnerability in PHPmyfaq 1.5.1 SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field. | 6.8 |
2005-09-23 | CVE-2005-2707 | Unspecified vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks. | 5.0 |