Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1414 | Denial-Of-Service vulnerability in Gadu-Gadu Instant Messenger 6.1Build156 Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images. | 5.0 |
| 2004-12-31 | CVE-2004-1413 | Cross-Site Scripting and SQL Injection vulnerability in Kayako ESupport Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature. | 5.0 |
| 2004-12-31 | CVE-2004-1412 | Cross-Site Scripting and SQL Injection vulnerability in Kayako ESupport Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter. network kayako | 4.3 |
| 2004-12-31 | CVE-2004-1410 | Remote Input Validation And Denial Of Service vulnerability in Gadu-Gadu Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229. network gadu-gadu | 4.3 |
| 2004-12-31 | CVE-2004-1409 | Remote vulnerability in Singapore Image Gallery web Application 0.9.10 Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML. | 5.0 |
| 2004-12-31 | CVE-2004-1407 | Remote vulnerability in Singapore Image Gallery web Application 0.9.10 Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php. | 5.0 |
| 2004-12-31 | CVE-2004-1399 | Remote vulnerability in Opentools Attachment Mod Directory traversal vulnerability in the Attachment module 2.3.10 and earlier for phpBB allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2004-12-31 | CVE-2004-1398 | Local Format String vulnerability in Roxio Toast TDIXSupport Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument. | 4.6 |
| 2004-12-31 | CVE-2004-1397 | Cross-Site Scripting vulnerability in UseModWiki Wiki.PL Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl. network usemod | 4.3 |
| 2004-12-31 | CVE-2004-1395 | Remote Denial Of Service vulnerability in Monolith Productions Contract Jack, NO ONE Lives Forever 2 and Tron The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. | 5.0 |