Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-16 | CVE-2005-2358 | Directory Traversal And Information Disclosure vulnerability in EMC Navisphere Manager EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot). | 5.0 |
| 2005-08-16 | CVE-2005-2357 | Directory Traversal And Information Disclosure vulnerability in EMC Navisphere Manager Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2005-08-16 | CVE-2005-2102 | Multiple vulnerability in Gaim AIM/ICQ Protocols The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters. | 5.0 |
| 2005-08-12 | CVE-2005-2548 | Resource Management Errors vulnerability in Linux Kernel 2.6.8 vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd. | 5.0 |
| 2005-08-10 | CVE-2005-2546 | Information Disclosure vulnerability in Arab Portal Arab Portal 2.0 Arab Portal 2.0 allows remote attackers to obtain sensitive information via a long (1) username or (2) password, which reveals the path in an error message when the undefined "errmsg" function is called. | 5.0 |
| 2005-08-10 | CVE-2005-2545 | HTML Injection vulnerability in PHPopenchat 3.0.2 Multiple cross-site scripting (XSS) vulnerabilities in PHPOpenChat 3.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content parameter to profile.php and profile_misc.php, (3) the profile fields in userpage.php, (4) subject or (5) body in mail.php, or (8) disinvited_chatter or (7) invited_chatter parameter to invite.php. network phpopenchat | 4.3 |
| 2005-08-10 | CVE-2005-2544 | Remote File Include vulnerability in Comdev Ecommerce 3.0 PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter. | 5.0 |
| 2005-08-10 | CVE-2005-2543 | Directory Traversal vulnerability in Comdev Ecommerce 3.0 Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. | 5.0 |
| 2005-08-10 | CVE-2005-2542 | Cross-Site Scripting vulnerability in Invision Power Board Attached File Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML. | 5.0 |
| 2005-08-10 | CVE-2005-2540 | Unspecified vulnerability in Flatnuke 2.5.5 CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request. | 5.0 |