Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-06-01 | CVE-2003-0663 | Denial Of Service vulnerability in Microsoft Windows 2000 Domain Controller LDAP Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message. | 5.0 |
| 2004-06-01 | CVE-2002-0385 | Information Disclosure vulnerability in Vignette Storyserver and Vignette Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | 5.0 |
| 2004-05-29 | CVE-2004-2040 | Multiple vulnerability in E107 0.615/0.615A Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php. network e107 | 4.3 |
| 2004-05-29 | CVE-2004-2039 | Multiple vulnerability in E107 0.615/0.615A e107 0.615 allows remote attackers to obtain sensitive information via a direct request to (1) alt_news.php, (2) backend_menu.php, (3) clock_menu.php, (4) counter_menu.php, (5) login_menu.php, and other files, which reveal the full path in a PHP error message. | 5.0 |
| 2004-05-29 | CVE-2004-2038 | HTML Injection vulnerability in Land Down Under BBCode Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. network neocrome | 4.3 |
| 2004-05-26 | CVE-2004-2035 | Remote Denial Of Service vulnerability in Minishare Minimal Http Server 1.3.2 MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | 5.0 |
| 2004-05-26 | CVE-2004-2033 | Denial Of Service vulnerability in Orenosv Http FTP Server 0.5.9C/0.5.9E/0.5.9F Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | 5.0 |
| 2004-05-22 | CVE-2004-2030 | Cross-Site Scripting vulnerability in Liferay Enterprise Portal 2.1.0 Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject. | 4.3 |
| 2004-05-22 | CVE-2004-2029 | Denial of Service vulnerability in Trevor Hogan Bnbt 7.5Betarelease2 The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value. | 5.0 |
| 2004-05-21 | CVE-2004-2031 | HTML Injection vulnerability in e107 Website System Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields. network e107 | 4.3 |