Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0960 | Remote Denial Of Service vulnerability in Openbsd 3.5/3.6 Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash). | 5.0 |
| 2005-05-02 | CVE-2005-0954 | Unspecified vulnerability in Microsoft Internet Explorer, Windows Explorer and Windows XP Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file. | 5.0 |
| 2005-05-02 | CVE-2005-0952 | Unspecified vulnerability in PHP Arena Pafiledb 3.1 Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 5.0 |
| 2005-05-02 | CVE-2005-0949 | Input Validation vulnerability in Iatek PortalApp Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter. network iatek | 4.3 |
| 2005-05-02 | CVE-2005-0945 | Unspecified vulnerability in ASP Press ACS Blog 1.1.1 Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in (1) img, (2) link, or (3) mail tags. network asp-press | 4.3 |
| 2005-05-02 | CVE-2005-0941 | Remote Heap Overflow vulnerability in OpenOffice Malformed Document The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow. | 5.1 |
| 2005-05-02 | CVE-2005-0938 | Remote Security vulnerability in Ublog Reload Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb. | 5.0 |
| 2005-05-02 | CVE-2005-0936 | Cross-Site Scripting vulnerability in Esmi Paypal Storefront 1.7 Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 5.0 |
| 2005-05-02 | CVE-2005-0934 | Cross-Site Scripting vulnerability in Wackowiki R4 Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. network wackowiki | 4.3 |
| 2005-05-02 | CVE-2005-0933 | Remote vulnerability in PHPcoin 1.2.1/1.2.1B Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | 5.0 |