Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0888 | Unspecified vulnerability in Michael Dean Double Choco Latte 0.9.4.3 Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) class or (2) method name. network michael-dean | 4.3 |
| 2005-05-02 | CVE-2005-0886 | HTML Injection vulnerability in Invision Power Board Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request. network invision-power-services | 4.3 |
| 2005-05-02 | CVE-2005-0885 | Unspecified vulnerability in XMB Forum XMB 1.9.1 Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields. network xmb-forum | 4.3 |
| 2005-05-02 | CVE-2005-0880 | Information Disclosure vulnerability in Vortex Portal content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-0876 | Remote vulnerability in Dnsmasq Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file. | 5.0 |
| 2005-05-02 | CVE-2005-0875 | Unspecified vulnerability in Cerulean Studios Trillian 2.0/3.0/3.1 Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | 5.0 |
| 2005-05-02 | CVE-2005-0874 | Unspecified vulnerability in Cerulean Studios Trillian 2.0 Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | 5.0 |
| 2005-05-02 | CVE-2005-0873 | Remote Cross-Site Scripting vulnerability in Oracle 10G Reports Server 9.0.4.3.3 Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter. network oracle | 4.3 |
| 2005-05-02 | CVE-2005-0872 | Unspecified vulnerability in PHPbb Group PHPbb 1.0.1 Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the start parameter. network phpbb-group | 4.3 |
| 2005-05-02 | CVE-2005-0871 | Information Disclosure vulnerability in PHPbb Group PHPbb 1.0.1 calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when running on a Microsoft IIS server, allows remote attackers to obtain sensitive information via invalid parameters, which reveal the path in an error message. | 5.0 |