Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-04-27 | CVE-2004-1488 | Remote vulnerability in GNU WGet wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | 5.0 |
2005-04-27 | CVE-2004-1487 | Remote vulnerability in GNU WGet wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. | 5.0 |
2005-04-26 | CVE-2005-1281 | Denial Of Service vulnerability in Ethereal RSVP Decoding Routines Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. | 5.0 |
2005-04-25 | CVE-2005-1317 | Cross-Site Scripting vulnerability in Chora 1.2/1.2.2 Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. network horde | 6.8 |
2005-04-25 | CVE-2005-1300 | Cross-Site Scripting vulnerability in Inserter.Cgi Cross-site scripting (XSS) vulnerability in the inserter.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. network inserter-cgi | 6.8 |
2005-04-25 | CVE-2005-1297 | Cross-Site Scripting vulnerability in Include.Cgi Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. network include-cgi | 6.8 |
2005-04-25 | CVE-2005-1275 | Remote Buffer Overflow vulnerability in ImageMagick PNM Image Decoding Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. | 5.0 |
2005-04-22 | CVE-2005-1285 | Cross-Site Scripting vulnerability in WoltLab Burning Board Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter. network woltlab | 6.8 |
2005-04-20 | CVE-2005-1233 | Cross-Site Scripting vulnerability in PHP Labs proFile Dir URI Variable Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters. network php-labs | 4.3 |
2005-04-20 | CVE-2005-1227 | Cross-Site Scripting vulnerability in PHProjekt 4.2 Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form. | 5.1 |