Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-21 | CVE-2005-3027 | Unspecified vulnerability in Sybari Antigen 8.0 Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of "Antigen forwarded attachment". | 5.0 |
2005-09-21 | CVE-2005-3026 | Directory Traversal vulnerability in EPay Pro Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2005-09-21 | CVE-2005-3025 | Cross-Site Scripting vulnerability in vBulletin Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the loc parameter to (1) modcp/index.php or (2) admincp/index.php, or the ip parameter to (3) modcp/user.php or (4) admincp/usertitle.php. network jelsoft | 4.3 |
2005-09-21 | CVE-2005-3023 | Cross-Site Scripting vulnerability in vBulletin Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php. network jelsoft | 4.3 |
2005-09-21 | CVE-2005-3020 | Cross-Site Scripting vulnerability in VBulletin Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to css.php, (2) redirect parameter to index.php, (3) email parameter to user.php, (4) goto parameter to language.php, (5) orderby parameter to modlog.php, and the (6) hex, (7) rgb, or (8) expandset parameter to template.php. network jelsoft | 4.3 |
2005-09-21 | CVE-2005-3018 | Unspecified vulnerability in Apple Safari Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL. | 5.0 |
2005-09-21 | CVE-2005-3017 | Cross-Site Scripting vulnerability in Content2Web 1.0.1 PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS). network content2web | 4.3 |
2005-09-21 | CVE-2005-3015 | Cross-Site Scripting vulnerability in IBM Lotus Domino and Lotus Domino Enterprise Server Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. network ibm | 4.3 |
2005-09-21 | CVE-2005-3014 | HTML Injection vulnerability in Ensim Webppliance 3.0/3.1/3.1.1 Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field. network ensim | 4.3 |
2005-09-21 | CVE-2005-3013 | Local Buffer Overflow vulnerability in Suse Linux 9.3 Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. | 4.6 |