Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-26 | CVE-2005-2276 | HTML Injection vulnerability in Novell Groupwise Webaccess 6.0/6.5 Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. network novell | 4.3 |
2005-07-26 | CVE-2005-1849 | Unspecified vulnerability in Zlib 1.2.2 inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced. | 5.0 |
2005-07-26 | CVE-2005-1691 | Unspecified vulnerability in SAP R 3 Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request. | 5.0 |
2005-07-20 | CVE-2005-2333 | Cross-Site Scripting vulnerability in Seo-Board 1.0 Cross-site scripting (XSS) vulnerability in smilies_popup.php in SEO-Board 1.0 allows remote attackers to inject arbitrary web script or HTML via the doc parameter. network seo-board | 4.3 |
2005-07-20 | CVE-2005-2332 | Cross-Site Scripting vulnerability in PHP.Warpedweb.Net PHPpageprotect 1.0.0A Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a allows remote attackers to inject arbitrary web script or HTML via the username parameter to (1) admin.php or (2) login.php. network php-warpedweb-net | 4.3 |
2005-07-20 | CVE-2005-2331 | Unspecified vulnerability in Moosegallery 1.0.1/1.0.2 PHP remote file inclusion vulnerability in display.php in MooseGallery allows remote attackers to execute arbitrary PHP code via the type parameter. | 5.0 |
2005-07-20 | CVE-2005-2329 | MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to access the consoles of other users. | 4.6 |
2005-07-20 | CVE-2005-2328 | Unspecified vulnerability in Laffer 0.3.2.6/0.3.2.7 PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 and 0.3.2.7 allows remote attackers to execute arbitrary PHP code via the CFG_PATH variable. | 5.0 |
2005-07-20 | CVE-2005-2327 | Cross-Site Scripting vulnerability in E107 Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags. network e107 | 4.3 |
2005-07-19 | CVE-2005-2326 | Cross-Site Scripting vulnerability in Clever Copy 2.0/2.0A Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the yr parameter to calendar.php. network clever-copy | 4.3 |