Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1418 | Local Information Disclosure vulnerability in Netleaf Limited Notjustbrowsing 1.0.3 NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges. | 4.6 |
| 2005-05-03 | CVE-2005-1416 | Unspecified vulnerability in Soft3304 04Webserver 1.81 Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. | 5.0 |
| 2005-05-03 | CVE-2005-1414 | Local Information Disclosure vulnerability in FilePocket ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges. | 4.6 |
| 2005-05-03 | CVE-2005-1411 | Password Local Information Disclosure vulnerability in Cybration Icuii 7.0 Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges. | 4.6 |
| 2005-05-03 | CVE-2005-1407 | Local Security vulnerability in Skype Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. | 4.6 |
| 2005-05-03 | CVE-2005-1404 | Unspecified vulnerability in Myphp Forum Myphp Forum 1.0/2.0/3.0 MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php. | 5.0 |
| 2005-05-03 | CVE-2005-1403 | Cross-Site Scripting vulnerability in Just William's Amazon Webstore Closeup.PHP Image Parameter Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) the currentNumber parameter to software_CAD_Technical_60002_uk.htm, or (5) a cookie. network just-williams | 6.8 |
| 2005-05-03 | CVE-2005-1402 | Unspecified vulnerability in Mtp-Target Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison. | 5.0 |
| 2005-05-03 | CVE-2005-1398 | Improper Input Validation vulnerability in PHPcart 3.2/3.4/4.6.4 phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying the (1) price or (2) postage parameters. | 5.0 |
| 2005-05-03 | CVE-2005-1393 | Unspecified vulnerability in Esri Arcinfo Workstation 9.0 Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery. | 4.6 |