Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1243 | Directory Traversal vulnerability in Axcessit Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1242 | Directory Traversal vulnerability in Global Security Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1239 | Unspecified vulnerability in Raz-Lee Security+++ Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1235 | Information Disclosure vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-1234 | SQL Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to auction_rating.php or (2) ar parameter to action_offer.php. | 5.0 |
| 2005-05-02 | CVE-2005-1231 | HTML Injection vulnerability in Jaws 0.3/0.4/0.5Beta2 Cross-site scripting (XSS) vulnerability in the NewTerm function in GlossaryModel.php in JAWS 0.4 allows remote attackers to inject arbitrary web script or HTML via the (1) term or (2) description. network jaws | 4.3 |
| 2005-05-02 | CVE-2005-1230 | Directory Traversal vulnerability in Magnus Lundvall Yawcam 0.2.5 Directory traversal vulnerability in Yawcam 0.2.5 allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1229 | Directory Traversal vulnerability in CPIO Filename Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. | 4.6 |
| 2005-05-02 | CVE-2005-1228 | Multiple Security vulnerability in Apple Mac OS X Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. | 5.0 |
| 2005-05-02 | CVE-2005-1204 | Denial-Of-Service vulnerability in Desktop Rover Desktop Rover 3.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a crafted packet to TCP port 61427, which causes an invalid memory access. | 5.0 |