Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0730 | Denial-Of-Service vulnerability in PY Software Active Webcam 5.5 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service via a request to a file on the floppy drive, as demonstrated using A:\a.txt. | 5.0 |
2005-05-02 | CVE-2005-0724 | Information Disclosure vulnerability in paFileDB paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message. | 5.0 |
2005-05-02 | CVE-2005-0712 | Unspecified vulnerability in Apple mac OS X 10.1/10.2/10.3.4 Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | 4.6 |
2005-05-02 | CVE-2005-0710 | Remote vulnerability in MySQL AB MySQL MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. | 4.6 |
2005-05-02 | CVE-2005-0709 | Code Injection vulnerability in multiple products MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. | 4.6 |
2005-05-02 | CVE-2005-0682 | Cross-Site Scripting vulnerability in Drupal Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs. network drupal | 4.3 |
2005-05-02 | CVE-2005-0677 | Remote Security vulnerability in PHPoutsourcing Zorum 3.5 index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter. | 5.0 |
2005-05-02 | CVE-2005-0675 | Cross-Site Scripting vulnerability in PHPoutsourcing Zorum 3.3/3.4/3.5 Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. network phpoutsourcing | 4.3 |
2005-05-02 | CVE-2005-0673 | Cross-Site Scripting vulnerability in PHPbb Group PHPbb 2.0.13 Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php. network phpbb-group | 4.3 |
2005-05-02 | CVE-2005-0670 | Remote Input Validation vulnerability in PHPcoin 1.2/1.2.1/1.2.1B Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 through 1.2.1b allows remote attackers to inject arbitrary web script or HTML via (1) the new parameter to mod.php, (2) the w parameter to mod.php, (3) the e parameter to login.php, (4) the o parameter to login.php, and possibly other scripts. network coinsoft-technologies | 4.3 |