Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-31 | CVE-2004-1651 | HTML Injection vulnerability in Brickhost PHPscheduleit 1.0Rc1 Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the Schedule Name field. network brickhost | 4.3 |
| 2004-08-30 | CVE-2004-1646 | Multiple vulnerability in Jerod Moemeka Xedus 1.0 Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2004-08-30 | CVE-2004-1645 | Multiple vulnerability in Jerod Moemeka Xedus 1.0 Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x. network jerod-moemeka | 4.3 |
| 2004-08-30 | CVE-2004-1644 | Multiple vulnerability in Jerod Moemeka Xedus 1.0 Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address. | 5.0 |
| 2004-08-29 | CVE-2004-1642 | Remote Denial Of Service vulnerability in WFTPD Server MLST Argument WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands. | 5.0 |
| 2004-08-29 | CVE-2004-1641 | Remote Heap Overflow vulnerability in Titan FTP Server CWD Command Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. | 5.0 |
| 2004-08-28 | CVE-2004-1640 | Cross-Site vulnerability in Nagl XOOPS Dictionary Module Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php. network xoops | 4.3 |
| 2004-08-28 | CVE-2004-0820 | Local Security vulnerability in Winamp Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. | 4.6 |
| 2004-08-26 | CVE-2004-1751 | Remote Denial of Service vulnerability in Massive Entertainment Ground Control II Operation Exodus 1.0.0.7 Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error. | 5.0 |
| 2004-08-25 | CVE-2004-1662 | YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message. | 5.0 |