Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2508 | Cross-Site Scripting vulnerability in Linksys Wvc11B 2.10 Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter. network linksys | 4.3 |
2004-12-31 | CVE-2004-2507 | Unspecified vulnerability in Linksys Wvc11B 2.10 Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter. | 5.0 |
2004-12-31 | CVE-2004-2506 | Information Disclosure vulnerability in Wikindx Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g allows remote attackers to obtain sensitive information via a direct HTTP request to the config.inc file. | 5.0 |
2004-12-31 | CVE-2004-2505 | Denial Of Service vulnerability in Macromedia ColdFusion MX Oversized Error Message Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data. | 5.0 |
2004-12-31 | CVE-2004-2503 | Remote Denial Of Service vulnerability in Inweb Mail Server 2.40 INweb Mail Server 2.40 allows remote attackers to cause a denial of service (crash) via a large number of connect/disconnect actions to the (1) POP3 and (2) SMTP services. | 5.0 |
2004-12-31 | CVE-2004-2498 | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors. | 5.0 |
2004-12-31 | CVE-2004-2497 | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network hitachi | 4.3 |
2004-12-31 | CVE-2004-2494 | Multiple vulnerability in Code-Crafters Ability Mail Server Cross-site scripting (XSS) vulnerability in _error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter. network code-crafters | 4.3 |
2004-12-31 | CVE-2004-2493 | Cross-Site Scripting And Directory Traversal vulnerability in Hitachi products Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter. | 4.0 |
2004-12-31 | CVE-2004-2492 | Cross-Site Scripting And Directory Traversal vulnerability in Groupmax World Wide Web Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. network hitachi | 4.3 |