Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-11 | CVE-2005-1494 | Cross-Site Scripting vulnerability in MegaBook Admin.CGI EntryID Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) entryid or (2) password parameter. network megabook | 4.3 |
2005-05-11 | CVE-2005-1493 | Directory Traversal vulnerability in Dead Pirate Software Simplecam 1.2 Directory traversal vulnerability in SimpleCam 1.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URL. | 5.0 |
2005-05-11 | CVE-2005-1491 | Local Security vulnerability in Mail Server Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html. | 4.6 |
2005-05-11 | CVE-2005-1489 | Remote Security vulnerability in Mail Server Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html. | 5.0 |
2005-05-11 | CVE-2005-1486 | Cross-Site Scripting vulnerability in Fishnet Fishcart 3.1 Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) trackingnum, (2) reqagree, or (3) m parameter to upstracking.php or (4) nlst parameter to display.php. | 5.0 |
2005-05-11 | CVE-2005-1485 | Information Disclosure vulnerability in Kmint21 Software Golden FTP Server 2.52 Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message. | 5.0 |
2005-05-11 | CVE-2005-1484 | Directory Traversal vulnerability in Golden FTP Server Pro Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command. | 5.0 |
2005-05-11 | CVE-2005-1483 | Remote vulnerability in Interspire Articlelive 2005 Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter. network interspire | 4.3 |
2005-05-11 | CVE-2005-1480 | Unspecified vulnerability in Raiden Professional Servers Raidenftpd Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbitrary files via a "..\\" (dot dot backslash) in the urlget site command. | 5.0 |
2005-05-11 | CVE-2005-1262 | Remote MSN Empty SLP Message Denial Of Service vulnerability in Gaim Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message. | 5.0 |