Vulnerabilities > EFS Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2466 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EFS Software Easy Chat Server 1.2/2.2 chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. | 5.0 |
| 2004-12-31 | CVE-2004-2465 | Cross-Site Scripting vulnerability in EFS Software Easy Chat Server 1.2 Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. network efs-software | 4.3 |
| 2004-08-24 | CVE-2004-1744 | Remote Denial Of Service vulnerability in Easy File Sharing Web Server 1.2/1.25 Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests. | 5.0 |
| 2004-08-24 | CVE-2004-1743 | Unspecified vulnerability in EFS Software EFS web Server 1.2/1.25 Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder. | 5.0 |
| 2003-12-31 | CVE-2003-1297 | Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | 5.0 |
| 2003-12-31 | CVE-2003-1296 | Denial-Of-Service vulnerability in Easy File Sharing Web Server Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. | 5.0 |