Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-02 | CVE-2005-2780 | HTML Injection vulnerability in Neocrome Land Down Under 800 Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature. network neocrome | 4.3 |
| 2005-09-02 | CVE-2005-2779 | The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attack. | 5.0 |
| 2005-09-02 | CVE-2005-2776 | Cross-Site Scripting vulnerability in Looking Glass Looking Glass 20040427 Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 20040427 allow remote attackers to inject arbitrary web script or HTML via the (1) version[fullname], (2) version[homepage], or (3) version[no] parameter to footer.php, or the (4) version[fullname], (5) version[no], (6) version[author], (7) version[email] parameter to header.php. network looking-glass | 4.3 |
| 2005-09-02 | CVE-2005-2774 | Unspecified vulnerability in Lithium Software Lithium II MOD Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the nickname. | 5.0 |
| 2005-09-02 | CVE-2005-2769 | Unspecified vulnerability in Inter7 Sqwebmail 5.0.4 Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail. network inter7 | 4.3 |
| 2005-09-02 | CVE-2005-2496 | Unspecified vulnerability in Dave Mills Ntpd The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended. | 4.6 |
| 2005-08-31 | CVE-2005-2761 | Unspecified vulnerability in PHPgroupware 0.9.16.000 Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message. network phpgroupware | 4.3 |
| 2005-08-30 | CVE-2005-2737 | Unspecified vulnerability in Photopost PHP PRO 5.1 Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network photopost | 4.3 |
| 2005-08-30 | CVE-2005-2736 | Unspecified vulnerability in Yapig Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network yapig | 4.3 |
| 2005-08-30 | CVE-2005-2735 | Unspecified vulnerability in PHPgraphy 0.9.9A Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network phpgraphy | 4.3 |