Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-07-27 CVE-2004-0595 The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. 6.8
2004-07-24 CVE-2004-2051 Multiple vulnerabilities in eSeSIX Thintune Thin Client Devices
The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL.
network
low complexity
esesix
5.0
2004-07-23 CVE-2004-2047 Directory Traversal vulnerability in Easyweb Filemanager 1.0Rc1
Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a ..
network
low complexity
easyweb
5.0
2004-07-22 CVE-2004-1749 Denial Of Service vulnerability in Toplayer Attack Mitigator 55003.11.008
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.
network
low complexity
toplayer
5.0
2004-07-19 CVE-2004-2055 HTTP Response Splitting vulnerability in PHPBB
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTML or web script via the search_author parameter.
network
phpbb-group
4.3
2004-07-07 CVE-2004-0485 Unspecified vulnerability in Apple Mac OS X 10.2.8/10.3.3
The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume.
network
low complexity
apple
5.0
2004-07-07 CVE-2004-0483 Remote Denial of Service vulnerability in SGI Irix 6.5.24
Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.
network
low complexity
sgi
5.0
2004-07-07 CVE-2004-0479 Unspecified vulnerability in Microsoft IE 6
Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via JavaScript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference.
network
low complexity
microsoft
5.0
2004-07-07 CVE-2004-0475 Unspecified vulnerability in Microsoft IE 6.0
The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm.
network
high complexity
microsoft
5.1
2004-07-07 CVE-2004-0474 Unspecified vulnerability in Microsoft Windows XP
Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL.
network
high complexity
microsoft
5.1