Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-21 | CVE-2005-3009 | Cross-Site Scripting vulnerability in CuteNews Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php. network cutephp | 4.3 |
2005-09-21 | CVE-2005-3006 | Multiple vulnerability in Opera Web Browser Mail Client The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. | 5.0 |
2005-09-20 | CVE-2005-3002 | Denial-Of-Service vulnerability in Xclusive-Software Mccs 1.0 Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet. | 5.0 |
2005-09-20 | CVE-2005-2919 | Code vulnerability in Clam Anti-Virus Clamav libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. | 5.0 |
2005-09-20 | CVE-2005-3000 | Cross-Site Scripting vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.30 Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normalfontcolor, or (3) mess[31] parameters. network bugada-andrea | 4.3 |
2005-09-20 | CVE-2005-2999 | Remote Security vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.30 PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php. | 5.0 |
2005-09-20 | CVE-2005-2997 | Directory Traversal vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.30 Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php. | 5.0 |
2005-09-20 | CVE-2005-2994 | Cross-Site Scripting vulnerability in Rational ClearQuest Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets (XSS). network ibm | 6.8 |
2005-09-20 | CVE-2005-2988 | Information Disclosure vulnerability in LaserJet 2430 HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP. | 5.0 |
2005-09-20 | CVE-2005-2984 | Unspecified vulnerability in Data Center Resources Avocent Ccm48502.1Firmware Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port. | 4.6 |