Vulnerabilities > EFS Software

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2466 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EFS Software Easy Chat Server 1.2/2.2
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow.
network
low complexity
efs-software CWE-119
5.0
2004-12-31 CVE-2004-2465 Cross-Site Scripting vulnerability in EFS Software Easy Chat Server 1.2
Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
network
efs-software
4.3
2004-08-24 CVE-2004-1744 Remote Denial Of Service vulnerability in Easy File Sharing Web Server 1.2/1.25
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests.
network
low complexity
efs-software
5.0
2004-08-24 CVE-2004-1743 Unspecified vulnerability in EFS Software EFS web Server 1.2/1.25
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder.
network
low complexity
efs-software
5.0
2003-12-31 CVE-2003-1297 Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.
network
low complexity
efs-software
5.0
2003-12-31 CVE-2003-1296 Denial-Of-Service vulnerability in Easy File Sharing Web Server
Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument.
network
low complexity
efs-software
5.0