Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-06 | CVE-2004-1711 | Unspecified vulnerability in Moodle Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. network moodle | 4.3 |
| 2004-08-06 | CVE-2004-0684 | Denial-Of-Service vulnerability in IBM products WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters. | 5.0 |
| 2004-08-06 | CVE-2004-0683 | Denial-Of-Service vulnerability in Norton AntiVirus 2003 Professional Edition Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories. | 5.0 |
| 2004-08-06 | CVE-2004-0681 | Multiple vulnerability in Comersus Open Technologies Comersus Cart 5.09 Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter. network comersus-open-technologies | 6.8 |
| 2004-08-06 | CVE-2004-0679 | Unspecified vulnerability in Unreal Unrealircd The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses. | 5.0 |
| 2004-08-06 | CVE-2004-0678 | Cross-Site Scripting vulnerability in 12Planet Chat Server 2.9 Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter. | 4.3 |
| 2004-08-06 | CVE-2004-0677 | Denial-Of-Service vulnerability in Netfile Ftp Web Server Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive ("A"). | 5.0 |
| 2004-08-06 | CVE-2004-0675 | Cross-Site Scripting vulnerability in McMurtrey/Whitaker & Associates Cart32 GetLatestBuilds Script Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command. | 6.8 |
| 2004-08-06 | CVE-2004-0674 | Denial Of Service vulnerability in Enterasys Xsr-1805, Xsr-1850 and Xsr-3000 Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set. | 5.0 |
| 2004-08-06 | CVE-2004-0673 | Cross-Site Scripting vulnerability in Simm-Comm SCI Photo Chat 3.4.9 Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message. network simm-comm | 6.8 |