Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-07-06 | CVE-2005-2162 | Remote Security vulnerability in Levcgi.Com Myguestbook 0.6.1 PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter. | 5.0 |
| 2005-07-06 | CVE-2005-2161 | Unspecified vulnerability in PHPbb Group PHPbb 2.0.16 Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested [url] tags. network phpbb-group | 4.3 |
| 2005-07-06 | CVE-2005-2159 | Remote Buffer Overflow vulnerability in Planetdns Planetfileserver 2.0.1.3 mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote attackers to cause a denial of service (application crash) via a long request. | 5.0 |
| 2005-07-06 | CVE-2005-2157 | Remote Security vulnerability in Nabocorp Nabopoll 1.2 PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter. | 5.0 |
| 2005-07-06 | CVE-2005-2151 | Unspecified vulnerability in Double Precision Incorporated Courier Mail Server spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. | 5.0 |
| 2005-07-06 | CVE-2005-2147 | Unspecified vulnerability in Edgewall Software Trac 0.7.1/0.8.1/0.8.3 Trac before 0.8.4 allows remote attackers to read or upload arbitrary files via a full pathname in the id parameter to the (1) upload or (2) attachment viewer scripts. | 6.4 |
| 2005-07-06 | CVE-2005-1916 | Link Following vulnerability in multiple products linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | 5.5 |
| 2005-07-05 | CVE-2005-2146 | Local Security vulnerability in SSH Tectia Server 4.3.1 SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server. | 4.6 |
| 2005-07-05 | CVE-2005-2145 | Local Security vulnerability in Prevx PRO 2005 1.0 The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message. | 4.6 |
| 2005-07-05 | CVE-2005-2143 | Unspecified vulnerability in Microsoft Frontpage Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page. | 5.0 |