Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2216 | Remote Denial Of Service vulnerability in SUN products Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | 5.0 |
| 2004-12-31 | CVE-2004-2215 | Unspecified vulnerability in Marc Lehmann Rxvt-Unicode 3.4/3.5 RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | 4.6 |
| 2004-12-31 | CVE-2004-2213 | Multiple vulnerability in Mbedthis Software AppWeb HTTP Server Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | 5.0 |
| 2004-12-31 | CVE-2004-2211 | Remote Input Validation vulnerability in Alivesites Forum 2.0 Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp, or (5) the id parameter to post.asp. network alivesites | 4.3 |
| 2004-12-31 | CVE-2004-2210 | Cross-Site Scripting vulnerability in Express-Web Content Management System Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. network express-web | 4.3 |
| 2004-12-31 | CVE-2004-2208 | Remote Input Validation vulnerability in Ideal Science IdealBB CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors. | 5.0 |
| 2004-12-31 | CVE-2004-2207 | Remote Input Validation vulnerability in Ideal Science IdealBB Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network ideal-science | 4.3 |
| 2004-12-31 | CVE-2004-2200 | Remote vulnerability in DUware Software Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. network duware | 4.3 |
| 2004-12-31 | CVE-2004-2199 | Remote vulnerability in Duware Duclassified 4.0 Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text. network duware | 4.3 |
| 2004-12-31 | CVE-2004-2198 | Remote vulnerability in DUware Software account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page. | 6.4 |