Weekly Vulnerabilities Reports > July 19 to 25, 2004
Overview
5 new vulnerabilities were reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerability. This weekly summary reports vulnerabilities in 11 products from 5 vendors including Phpbb Group, Esesix, Easyweb, Easyins, and Toplayer. Vulnerabilities are notably categorized as .
- 5 reported vulnerabilities are remotely exploitable.
- 5 reported vulnerabilities are exploitable by an anonymous user.
- Phpbb Group has the most reported vulnerabilities, with 1 reported vulnerability.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
1 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-07-24 | CVE-2004-2053 | Easyins | Remote File Include vulnerability in Easyins Stadtportal 4.0: PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitrary PHP code via the site parameter. | 7.5 |
4 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-07-24 | CVE-2004-2051 | Esesix | Multiple vulnerability in eSeSIX Thintune Thin Client Devices: The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL. | 5.0 |
2004-07-23 | CVE-2004-2047 | Easyweb | Directory Traversal vulnerability in Easyweb Filemanager 1.0Rc1: Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. | 5.0 |
2004-07-22 | CVE-2004-1749 | Toplayer | Denial Of Service vulnerability in Toplayer Attack Mitigator 5500 3.11.008: Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests. | 5.0 |
2004-07-19 | CVE-2004-2055 | Phpbb Group | HTTP Response Splitting vulnerability in PHPBB: Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTML or web script via the search_author parameter. | 4.3 |
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|