Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-04-30 | CVE-2004-1978 | Unspecified vulnerability in Moodle 1.1.1/1.2.0/1.2.1 Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. network moodle | 4.3 |
2004-04-29 | CVE-2004-1977 | Denial of Service vulnerability in 3Com SuperStack 3 NBX Netset Application Port Scan 3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service (crash) via a Nessus scan in safeChecks mode. | 5.0 |
2004-04-27 | CVE-2004-1975 | Cross-Site Scripting vulnerability in PAFileDB ID Variable Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551. network php-arena | 4.3 |
2004-04-27 | CVE-2004-1974 | Information Disclosure vulnerability in PHP Arena Pafiledb 3.1 paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.php, (8) file.php, (9) rate.php, or (10) stats.php, which reveals the path in an error message. | 5.0 |
2004-04-27 | CVE-2004-1973 | Remote Denial Of Service vulnerability in Digi WWW Server Compieuw DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters. | 5.0 |
2004-04-26 | CVE-2004-1971 | modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message. | 5.0 |
2004-04-26 | CVE-2004-1968 | Unspecified vulnerability in Openbb The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to read arbitrary messages by modifying the id parameter. | 5.0 |
2004-04-26 | CVE-2004-1077 | Unspecified vulnerability in Citrix Metaframe Client and Program Neighborhood Agent Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive. | 5.0 |
2004-04-25 | CVE-2004-1965 | Input Validation vulnerability in OpenBB Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php. network openbb | 4.3 |
2004-04-23 | CVE-2004-1964 | Cross-Site Scripting vulnerability in Network Query Tool 1.0/1.6 Cross-site scripting (XSS) vulnerability in nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to inject arbitrary web script or HTML via the portNum parameter. network freshmeat | 4.3 |