Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1837 | HTML Injection vulnerability in Joel Palmius Mod_Survey Survey Input Field Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings. network joel-palmius | 4.3 |
| 2004-12-31 | CVE-2004-1832 | Remote Buffer Overflow vulnerability in Apple mac OS X Server 10.3 Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660. | 5.0 |
| 2004-12-31 | CVE-2004-1831 | Denial of Service vulnerability in Techland Chrome 1.2.0 Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large length value, which leads to a null dereference or out-of-bounds read. | 5.0 |
| 2004-12-31 | CVE-2004-1828 | Authentication Bypass vulnerability in Belchior Foundry Vcard 2.8/2.9 Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php. | 5.0 |
| 2004-12-31 | CVE-2004-1824 | Cross-Site Scripting vulnerability in VBulletin Memberlist.PHP Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php. network jelsoft | 4.3 |
| 2004-12-31 | CVE-2004-1823 | Cross-Site Scripting vulnerability in Jelsoft Vbulletin 3.0.0/3.0.0Can4 Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php. network jelsoft | 4.3 |
| 2004-12-31 | CVE-2004-1814 | Remote Authentication Bypass vulnerability in Vocaltec Vgw4 8 Telephony Gateway 8.0 Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allows remote attackers to read protected files via .. | 5.0 |
| 2004-12-31 | CVE-2004-1810 | Unspecified vulnerability in Opera Browser The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array. | 5.0 |
| 2004-12-31 | CVE-2004-1809 | Cross-Site Scripting vulnerability in PHPBB Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php. network phpbb-group | 4.3 |
| 2004-12-31 | CVE-2004-1807 | Cross-Site Scripting vulnerability in Dogpatch Software Cfwebstore 5.0 Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL. network dogpatch-software | 4.3 |