Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-01 | CVE-2005-1815 | Stack Overflow vulnerability in Hummingbird Connectivity 10.0/7.1/9.0 Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe). | 5.0 |
| 2005-06-01 | CVE-2005-1811 | HTML Injection vulnerability in Mybulletinboard 1.0Rc4 Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via the website field in a user profile. network mybulletinboard | 4.3 |
| 2005-06-01 | CVE-2005-1809 | Unspecified vulnerability in Sony P900 Firmware Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexftp session with a long filename in an OBEX File Transfer or OBEX Object Push. | 5.0 |
| 2005-06-01 | CVE-2005-1794 | Remote Desktop Protocol Server Private Key Disclosure vulnerability in Microsoft products Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. | 6.4 |
| 2005-06-01 | CVE-2005-1792 | Denial of Service vulnerability in Microsoft Windows XP Windows Management Instrumentation Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache. | 5.0 |
| 2005-05-31 | CVE-2005-1866 | Cross-Site Scripting vulnerability in Vincent HOR Calendarix Advanced 1.5 Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter. network vincent-hor | 4.3 |
| 2005-05-31 | CVE-2005-1832 | Cross-Site Scripting vulnerability in MyBulletinBoard Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php. network mybulletinboard | 4.3 |
| 2005-05-31 | CVE-2005-1799 | HTML Injection vulnerability in Freestyle Wiki and Wikilite Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network freestyle | 4.3 |
| 2005-05-31 | CVE-2005-1783 | Remote Security vulnerability in W.M.R. Simpson Bookreview Beta1.0 BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. | 5.0 |
| 2005-05-31 | CVE-2005-1781 | Denial-Of-Service vulnerability in MailEnable Professional Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash). | 5.0 |