Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0829 | Unspecified vulnerability in PHP Fusion PHP Fusion 5.01 Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters. network php-fusion | 4.3 |
| 2005-05-02 | CVE-2005-0826 | Denial Of Service vulnerability in OllyDbg Library Module Name OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename. | 5.0 |
| 2005-05-02 | CVE-2005-0824 | Link Following vulnerability in Mathopd The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal. | 5.5 |
| 2005-05-02 | CVE-2005-0823 | Local Credential Storage vulnerability in Thepoolclub Ipool and Isnooker ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores usernames and passwords in cleartext in the MyDetails.txt file, which allows local users to gain privileges. | 4.6 |
| 2005-05-02 | CVE-2005-0820 | Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name. | 5.0 |
| 2005-05-02 | CVE-2005-0819 | Unspecified vulnerability in Novell Netware 6.5 The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. | 5.0 |
| 2005-05-02 | CVE-2005-0818 | Unspecified vulnerability in Punbb 1.2.3 Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters. network punbb | 4.3 |
| 2005-05-02 | CVE-2005-0817 | Unspecified vulnerability in Symantec products Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites. | 5.0 |
| 2005-05-02 | CVE-2005-0815 | ISO9660 Filesystem Handling vulnerability in Linux Kernel Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | 6.4 |
| 2005-05-02 | CVE-2005-0814 | Unspecified vulnerability in Lysator LSH Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows remote attackers to cause a denial of service via unknown vectors. | 5.0 |