Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-08-20 | CVE-2004-1733 | SQL Injection Vulnerability And Directory Traversal vulnerability in Mydms 1.4/1.4.1/1.4.2 Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. | 5.0 |
2004-08-20 | CVE-2004-1731 | Unspecified vulnerability in Mantis signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address. | 5.0 |
2004-08-20 | CVE-2004-1729 | HTML Injection vulnerability in Nihuo Software web LOG Analyzer 1.6 Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. network nihuo-software | 4.3 |
2004-08-20 | CVE-2004-1727 | Denial Of Service vulnerability in Working Resources Inc. Badblue 2.50 BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address. | 5.0 |
2004-08-18 | CVE-2004-0839 | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | 5.0 |
2004-08-18 | CVE-2004-0767 | Unspecified vulnerability in Ngsec Stackdefender 1.10 NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions. | 5.0 |
2004-08-18 | CVE-2004-0766 | Unspecified vulnerability in Ngsec Stackdefender 2.0 NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions. | 5.0 |
2004-08-18 | CVE-2004-0763 | Unspecified vulnerability in Mozilla Firefox 0.9.1/0.9.2 Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method. | 5.0 |
2004-08-18 | CVE-2004-0762 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. | 5.0 |
2004-08-18 | CVE-2004-0761 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. | 5.0 |