Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1583 | Directory Traversal vulnerability in TriDComm Built-in FTP Server Directory traversal vulnerability in the FTP server in TriDComm 1.3 and earlier allows remote attackers to read or write arbitrary files via a .. | 6.4 |
| 2004-12-31 | CVE-2004-1581 | Information Disclosure vulnerability in Blackboard 1.5.1 BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | 5.0 |
| 2004-12-31 | CVE-2004-1579 | Information Disclosure vulnerability in Devellion Cubecart 2.0.1 index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message. | 5.0 |
| 2004-12-31 | CVE-2004-1578 | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 2.0.0 Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header. network invision-power-services | 4.3 |
| 2004-12-31 | CVE-2004-1577 | Information Disclosure vulnerability in Phplinks index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message. | 5.0 |
| 2004-12-31 | CVE-2004-1576 | Format string vulnerability in Judge Dredd: Dredd vs. | 5.0 |
| 2004-12-31 | CVE-2004-1575 | Denial Of Service vulnerability in Apache Xerces-C++ 2.5.0 The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document. | 5.0 |
| 2004-12-31 | CVE-2004-1572 | Unspecified vulnerability in Aj-Fork 167 AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. | 5.0 |
| 2004-12-31 | CVE-2004-1571 | Information Disclosure vulnerability in Aj-Fork 167 AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-disable-comments.php, (9) filter-by-author.php, (10) format-switcher.php, (11) long-to-short.php, (12) prospective-posting.php, or (13) sort-by-xfield.php, which displays the full path in an error message. | 5.0 |
| 2004-12-31 | CVE-2004-1569 | Buffer Overflow vulnerability in Illustrate products Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields. | 4.0 |