Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-09 | CVE-2005-1870 | Remote Security vulnerability in Popper 1.41R2 PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter. | 5.0 |
| 2005-06-09 | CVE-2005-1864 | Remote Security vulnerability in Vincent HOR Calendarix Advanced 1.5 PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter. | 5.0 |
| 2005-06-08 | CVE-2005-1968 | Cross-Site Scripting vulnerability in Early Impact Productcart 2.7 Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the error parameter to techErr.asp. network early-impact | 4.3 |
| 2005-06-08 | CVE-2005-1756 | Remote vulnerability in Novell NetMail Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields. network novell | 4.3 |
| 2005-06-08 | CVE-2005-1728 | Unspecified vulnerability in Apple mac OS X 10.4/10.4.1 MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | 4.6 |
| 2005-06-07 | CVE-2005-1969 | Unspecified vulnerability in Pragma Systems Pragma Telnetserver 6.0 Cross-site scripting (XSS) vulnerability in Pragma Systems Telnetserver 6.0 allows remote attackers to inject arbitrary web script or HTML, and hide activities in log files, via a "<!--" (HTML comment) in a session. network pragma-systems | 4.3 |
| 2005-06-07 | CVE-2005-1961 | Security Bypass vulnerability in Consortium C-Jdbc Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass intended access restrictions and obtain the cache results from another user. | 4.6 |
| 2005-06-07 | CVE-2005-1890 | Remote Security vulnerability in Mortiforo Unknown vulnerability in Mortiforo before 0.9.1 allows users to access private forums via unknown attack vectors. | 5.0 |
| 2005-06-07 | CVE-2005-1889 | Remote Security vulnerability in SUN Java System web Server 6.0/6.1 Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files. | 5.0 |
| 2005-06-06 | CVE-2005-1888 | HTML Injection vulnerability in MediaWiki Page Template Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates. network mediawiki | 4.3 |