Vulnerabilities > EFS Software > EFS WEB Server > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-11-04 | CVE-2006-5714 | Information Disclosure and Input Validation vulnerability in EFS Software EFS web Server 4.0 Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream. | 5.0 |
| 2006-11-04 | CVE-2006-5713 | Information Disclosure and Input Validation vulnerability in EFS Software EFS web Server 4.0 Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) author, (2) content, or (3) title parameters when posting a forum thread. network efs-software | 4.3 |