Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2293 | Input Validation vulnerability in PHP-Nuke Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the Reviews module as demonstrated by the url, cover, rlanguage, and hits parameters, or (4) savecomment function in the Reviews module, as demonstrated using the uname parameter. network francisco-burzi | 4.3 |
2004-12-31 | CVE-2004-2292 | Remote Status Command Buffer Overflow vulnerability in Alt-N MDaemon Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. | 5.0 |
2004-12-31 | CVE-2004-2288 | Unspecified vulnerability in Jelsoft Vbulletin Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter. network jelsoft | 4.3 |
2004-12-31 | CVE-2004-2287 | Directory Traversal vulnerability in DSM Light web File Browser 2.0 Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. | 5.0 |
2004-12-31 | CVE-2004-2283 | Unspecified vulnerability in Daniel Barron Dansguardian Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache. | 5.0 |
2004-12-31 | CVE-2004-2282 | Security Bypass vulnerability in Dansguardian DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request. | 5.0 |
2004-12-31 | CVE-2004-2280 | Java Applet vulnerability in IBM Lotus Notes Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. | 5.0 |
2004-12-31 | CVE-2004-2279 | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 1.3Final Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php. network invision-power-services | 4.3 |
2004-12-31 | CVE-2004-2278 | Cross-Site Scripting vulnerability in Chaogic Systems VHost Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHost before 3.10r1 has unknown impact and attack vectors. network chaogic-systems | 4.3 |
2004-12-31 | CVE-2004-2277 | Buffer Overflow vulnerability in Agsm 2.35C/2.51C Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server response. | 5.0 |