Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-08-06 | CVE-2004-0681 | Multiple vulnerability in Comersus Open Technologies Comersus Cart 5.09 Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter. network comersus-open-technologies | 6.8 |
2004-08-06 | CVE-2004-0679 | Unspecified vulnerability in Unreal Unrealircd The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses. | 5.0 |
2004-08-06 | CVE-2004-0678 | Cross-Site Scripting vulnerability in 12Planet Chat Server 2.9 Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter. | 4.3 |
2004-08-06 | CVE-2004-0677 | Denial-Of-Service vulnerability in Netfile Ftp Web Server Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive ("A"). | 5.0 |
2004-08-06 | CVE-2004-0675 | Cross-Site Scripting vulnerability in McMurtrey/Whitaker & Associates Cart32 GetLatestBuilds Script Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command. | 6.8 |
2004-08-06 | CVE-2004-0674 | Denial Of Service vulnerability in Enterasys Xsr-1805, Xsr-1850 and Xsr-3000 Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set. | 5.0 |
2004-08-06 | CVE-2004-0673 | Cross-Site Scripting vulnerability in Simm-Comm SCI Photo Chat 3.4.9 Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message. network simm-comm | 6.8 |
2004-08-06 | CVE-2004-0672 | Cross-Site Scripting vulnerability in Netegrity IdentityMinder Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype parameter. network netegrity | 6.8 |
2004-08-06 | CVE-2004-0671 | Unspecified vulnerability in Symantec Brightmail Antispam 6.0 Brightmail Spamfilter 6.0 and earlier beta releases allows remote attackers to read mail from other users by modifying the id parameter in a viewMsgDetails.do request. | 5.0 |
2004-08-06 | CVE-2004-0670 | Remote Denial Of Service vulnerability in ZyXEL Prestige Router Authentication Password Field Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password. | 5.0 |