Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-19 | CVE-2005-2325 | Remote Security vulnerability in Clever Copy 2.0/2.0A Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php. | 5.0 |
2005-07-19 | CVE-2005-2324 | Cross-Site Scripting vulnerability in Clever Copy 2.0/2.0A Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to (1) results.php or (2) categorysearch.php. network clever-copy | 4.3 |
2005-07-19 | CVE-2005-2322 | Cross-Site Scripting vulnerability in Class-1 Forum Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php. | 4.3 |
2005-07-19 | CVE-2005-2319 | Remote File Include vulnerability in Yawp Conf_Path PHP remote file include vulnerability in Yawp library 1.0.6 and earlier, as used in YaWiki and possibly other products, allows remote attackers to include arbitrary files via the _Yawp[conf_path] parameter. | 5.0 |
2005-07-19 | CVE-2005-2318 | Cross-Site Scripting vulnerability in Dvbbs 7.1/7.1Sp2 Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter. network dvbbs | 4.3 |
2005-07-19 | CVE-2005-2309 | Resource Exhaustion vulnerability in Opera Browser 8.01 Opera 8.01 allows remote attackers to cause a denial of service (CPU consumption) via a crafted JPEG image, as demonstrated using random.jpg. | 5.0 |
2005-07-19 | CVE-2005-2307 | Local Denial of Service vulnerability in Microsoft Windows 2000 and Windows XP netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability." | 5.0 |
2005-07-19 | CVE-2005-2304 | Unspecified vulnerability in Microsoft Internet Explorer and Live Messenger Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) via an image with an ICC Profile with a large Tag Count. | 5.0 |
2005-07-19 | CVE-2005-2301 | Unspecified vulnerability in Powerdns PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack. | 5.0 |
2005-07-19 | CVE-2005-2299 | Cross-Site Scripting vulnerability in Simple Message Board Forum.CFM Multiple cross-site scripting (XSS) vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) FID parameter to forum.cfm, (2) UID parameter to user.cfm, (3) TID parameter to thread.cfm, or (4) PostDate parameter to search.cfm. network man-and-machine-ltd | 4.3 |