Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2508 Cross-Site Scripting vulnerability in Linksys Wvc11B 2.10
Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter.
network
linksys
4.3
4.3
2004-12-31 CVE-2004-2507 Unspecified vulnerability in Linksys Wvc11B 2.10
Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter.
network
low complexity
linksys
5.0
5.0
2004-12-31 CVE-2004-2506 Information Disclosure vulnerability in Wikindx
Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g allows remote attackers to obtain sensitive information via a direct HTTP request to the config.inc file.
network
low complexity
wikindx
5.0
5.0
2004-12-31 CVE-2004-2505 Denial Of Service vulnerability in Macromedia ColdFusion MX Oversized Error Message
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
network
low complexity
macromedia
5.0
5.0
2004-12-31 CVE-2004-2503 Remote Denial Of Service vulnerability in Inweb Mail Server 2.40
INweb Mail Server 2.40 allows remote attackers to cause a denial of service (crash) via a large number of connect/disconnect actions to the (1) POP3 and (2) SMTP services.
network
low complexity
inweb
5.0
5.0
2004-12-31 CVE-2004-2498 Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator
Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors.
network
low complexity
hitachi
5.0
5.0
2004-12-31 CVE-2004-2497 Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator
Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
network
hitachi
4.3
4.3
2004-12-31 CVE-2004-2494 Multiple vulnerability in Code-Crafters Ability Mail Server
Cross-site scripting (XSS) vulnerability in _error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter.
network
code-crafters
4.3
4.3
2004-12-31 CVE-2004-2493 Cross-Site Scripting And Directory Traversal vulnerability in Hitachi products
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
network
low complexity
hitachi
4.0
4.0
2004-12-31 CVE-2004-2492 Cross-Site Scripting And Directory Traversal vulnerability in Groupmax World Wide Web
Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter.
network
hitachi
4.3
4.3