Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-19 | CVE-2005-1260 | Resource Exhaustion vulnerability in multiple products bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | 5.0 |
| 2005-05-19 | CVE-2005-0040 | HTML Injection vulnerability in DotNetNuke User Registration Information Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) register a new user page, (2) User-Agent, or (3) Username, which is not properly quoted before sending to the error log. network dotnetnuke | 4.3 |
| 2005-05-18 | CVE-2005-1667 | Remote Denial of Service vulnerability in Datatrac Activity Console 1.1 DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request. | 5.0 |
| 2005-05-18 | CVE-2005-1665 | Denial-Of-Service vulnerability in ASP.Net 1.0/1.1 The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | 5.0 |
| 2005-05-18 | CVE-2005-1664 | Unspecified vulnerability in Microsoft Asp.Net 1.0/1.1 The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties. | 6.4 |
| 2005-05-18 | CVE-2005-1663 | Directory Traversal And Denial Of Service vulnerability in Jeuce Personal web Server 2.13 Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | 5.0 |
| 2005-05-18 | CVE-2005-1662 | Directory Traversal And Denial Of Service vulnerability in Jeuce Personal Web Server Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2005-05-18 | CVE-2005-1661 | Denial-Of-Service vulnerability in Jeuce Personal web Server 2.13 Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) via a long GET request, possibly triggering a buffer overflow. | 5.0 |
| 2005-05-18 | CVE-2005-1659 | Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. network myserver | 4.3 |
| 2005-05-18 | CVE-2005-1658 | Directory Traversal vulnerability in Myserver 0.8 Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). | 5.0 |