Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-13 | CVE-2005-2256 | Directory Traversal vulnerability in PHPPGAdmin Login Form: Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter. | 5.0 |
2005-07-13 | CVE-2005-2255 | Directory Traversal vulnerability in Gianluca Baldo PHPauction 2.5: Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php. | 6.4 |
2005-07-13 | CVE-2005-2254 | Cross-Site Scripting vulnerability in Gianluca Baldo PHPauction 2.5: Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 allow remote attackers to inject arbitrary web script or HTML via the lan parameter to (1) index.php or (2) admin/index.php, or (3) the auction_id parameter to profile.php. | 4.3 |
2005-07-13 | CVE-2005-2248 | Directory Traversal vulnerability in Sven-Ove Bjerkan Downloadprotect 1.0/1.0.1/1.0.2B: Directory traversal vulnerability in DownloadProtect before 1.0.3 allows remote attackers to read files above the download folder. | 5.0 |
2005-07-13 | CVE-2005-2095 | Unspecified vulnerability in Squirrelmail: options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting (XSS) attacks, and write arbitrary files. | 4.3 |
2005-07-12 | CVE-2005-2244 | Remote Heap Buffer Overflow vulnerability in Cisco CallManager AUPair Service: The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow. | 5.0 |
2005-07-12 | CVE-2005-2243 | Failed Logins Remote Denial Of Service vulnerability in Cisco CallManager: Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail. | 5.0 |
2005-07-12 | CVE-2005-2242 | Remote Denial Of Service vulnerability in Cisco CallManager CTI Manager: Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 allows remote attackers to cause a denial of service (memory consumption and restart) via crafted packets to (1) the CTI Manager (ctimgr.exe) or (2) the CallManager (ccm.exe). | 5.0 |
2005-07-12 | CVE-2005-2241 | Remote Denial Of Service vulnerability in Cisco CallManager RISDC: Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe. | 5.0 |
2005-07-12 | CVE-2005-2239 | Denial-Of-Service vulnerability in Oftpd 0.3.7: oftpd 0.3.7 allows remote attackers to cause a denial of service via a USER command with a large number of null (\0) characters. | 5.0 |