Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-05-05 | CVE-2004-2002 | UDP Denial Of Service vulnerability in SGI IRIX Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet. | 5.0 |
| 2004-05-05 | CVE-2004-2001 | Unspecified vulnerability in SGI Irix ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received. | 4.6 |
| 2004-05-05 | CVE-2004-1999 | Cross-Site Scripting vulnerability in PHP-Nuke Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php. network francisco-burzi | 4.3 |
| 2004-05-05 | CVE-2004-1998 | Information Disclosure vulnerability in PHP-Nuke The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message. | 5.0 |
| 2004-05-05 | CVE-2004-1997 | Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges. | 4.6 |
| 2004-05-05 | CVE-2004-1996 | HTML Injection vulnerability in Simple Machines SMF 1.0Beta4.1/1.0Beta4P/1.0Beta5P Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag. network simple-machines | 4.3 |
| 2004-05-05 | CVE-2004-1994 | Authentication Bypass vulnerability in E-Zone Media Inc. Fusetalk 2.0/3.0/4.0 FuseTalk 4.0 allows remote attackers to ban other users via a direct request to banning.cfm. | 5.0 |
| 2004-05-04 | CVE-2004-0379 | Unspecified vulnerability in Microsoft Sharepoint Portal Server 2001 Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts. network microsoft | 6.8 |
| 2004-05-04 | CVE-2004-0376 | Denial Of Service vulnerability in OFTPD Port Argument oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value. | 5.0 |
| 2004-05-04 | CVE-2004-0374 | Remote Information Disclosure vulnerability in Interchange Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string. | 6.4 |