Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1108 | Unspecified vulnerability in Junkbuster Internet Junkbuster 2.0.2R2 The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request. | 5.0 |
2005-05-02 | CVE-2005-1106 | Denial-Of-Service vulnerability in Apple Quicktime Pictureviewer 6.5.2 PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow. | 5.0 |
2005-05-02 | CVE-2005-1105 | Unspecified vulnerability in SUN Javamail 1.3.2 Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. | 5.0 |
2005-05-02 | CVE-2005-1104 | Unspecified vulnerability in Centra 7 Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) first name, or (3) last name fields. network centra | 4.3 |
2005-05-02 | CVE-2005-1102 | Cross-Site Scripting vulnerability in WordPress Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post. network wordpress | 6.8 |
2005-05-02 | CVE-2005-1097 | Local Security vulnerability in Rebrand P2P Share SPY 2.2 Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the registry, which allows local users to gain privileges. | 4.6 |
2005-05-02 | CVE-2005-1095 | Cross-Site Scripting vulnerability in Ocean12 Membership Manager Pro Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. network ocean12-technologies | 4.3 |
2005-05-02 | CVE-2005-1090 | Directory Traversal vulnerability in Maxthon 1.2.0/1.2.1 Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files. | 6.4 |
2005-05-02 | CVE-2005-1086 | Remote Buffer Overflow vulnerability in AN An-Httpd 1.42N Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. | 6.4 |
2005-05-02 | CVE-2005-1085 | Cross-site scripting (XSS) vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML. network aewebworks | 4.3 |