Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-03 | CVE-2005-1421 | Directory Traversal vulnerability in Raysoft Video CAM Server 1.0.0Beta Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request. | 5.0 |
2005-05-03 | CVE-2005-1420 | Remote Security vulnerability in Raysoft Video CAM Server 1.0.0Beta Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). | 5.0 |
2005-05-03 | CVE-2005-1418 | Local Information Disclosure vulnerability in Netleaf Limited Notjustbrowsing 1.0.3 NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges. | 4.6 |
2005-05-03 | CVE-2005-1416 | Unspecified vulnerability in Soft3304 04Webserver 1.81 Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. | 5.0 |
2005-05-03 | CVE-2005-1414 | Local Information Disclosure vulnerability in FilePocket ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges. | 4.6 |
2005-05-03 | CVE-2005-1411 | Password Local Information Disclosure vulnerability in Cybration Icuii 7.0 Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges. | 4.6 |
2005-05-03 | CVE-2005-1407 | Local Security vulnerability in Skype Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. | 4.6 |
2005-05-03 | CVE-2005-1404 | Unspecified vulnerability in Myphp Forum Myphp Forum 1.0/2.0/3.0 MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php. | 5.0 |
2005-05-03 | CVE-2005-1403 | Cross-Site Scripting vulnerability in Just William's Amazon Webstore Closeup.PHP Image Parameter Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) the currentNumber parameter to software_CAD_Technical_60002_uk.htm, or (5) a cookie. network just-williams | 6.8 |
2005-05-03 | CVE-2005-1402 | Unspecified vulnerability in Mtp-Target Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison. | 5.0 |