Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-01 | CVE-2005-0622 | Remote Security vulnerability in Raidenhttpd 1.1.32 RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . | 5.0 |
2005-03-01 | CVE-2004-1055 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. | 6.8 |
2005-03-01 | CVE-2004-1036 | Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML. | 6.8 |
2005-03-01 | CVE-2004-1035 | Denial-Of-Service vulnerability in Imap Proxy Imap Proxy 1.2.2 Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that are not properly handled when using the IMAP_Line_Read function. | 6.4 |
2005-03-01 | CVE-2004-1007 | The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address. | 5.0 |
2005-03-01 | CVE-2004-1003 | Unspecified vulnerability in Trend Micro Scanmail Domino 2.51/2.6 Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the anti-virus capability via the smency.nsf file. | 5.0 |
2005-03-01 | CVE-2004-1001 | Unspecified vulnerability in Debian Shadow 4.0.4.1 Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled. | 4.6 |
2005-03-01 | CVE-2004-0988 | Unspecified vulnerability in Apple Quicktime Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | 5.0 |
2005-03-01 | CVE-2004-0983 | Denial Of Service vulnerability in Yukihiro Matsumoto Ruby CGI Module The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. | 5.0 |
2005-02-28 | CVE-2005-0616 | Cross-Site Scripting vulnerability in Download module for PostNuke Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables. network postnuke-software-foundation | 4.3 |