Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2006-01-21 CVE-2006-0352 Information Disclosure vulnerability in Fluffington Flog 1.01/1.1.2
The default configuration of Fluffington FLog 1.01 installs users.0.dat under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (login credentials) via a direct request.
network
low complexity
fluffington
5.0
2006-01-21 CVE-2006-0351 Denial Of Service vulnerability in MyDNS DNS Query
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors.
network
low complexity
don-moore
5.0
2006-01-21 CVE-2006-0350 Input Validation vulnerability in Epic Designs Eggblog 2.0
Cross-site scripting (XSS) vulnerability in eggblog 2.0 allows remote attackers to inject arbitrary web script or HTML via the message field to topic.php.
network
epic-designs
4.3
2006-01-21 CVE-2006-0348 Remote Input Validation vulnerability in ELOG Web Logbook
Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors.
network
low complexity
stefan-ritt
5.0
2006-01-21 CVE-2006-0347 Remote Input Validation vulnerability in ELOG Web Logbook
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL.
network
low complexity
stefan-ritt
5.0
2006-01-21 CVE-2006-0346 Input Validation vulnerability in Saral Kaushik Saralblog 1.0
Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php.
network
saral-kaushik
4.3
2006-01-21 CVE-2006-0344 Directory Traversal vulnerability in Intervations Filecopa 1.01
Directory traversal vulnerability in Intervations FileCOPA FTP Server 1.01 allows remote attackers to read and write arbitrary files via a ..
network
low complexity
intervations
6.4
2006-01-21 CVE-2006-0343 Denial of Service vulnerability in Hitachi products
Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving "invalid format data".
network
low complexity
hitachi
5.0
2006-01-21 CVE-2006-0338 Archive Handling vulnerability in F-Secure
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
network
low complexity
f-secure
5.0
2006-01-21 CVE-2006-0336 Denial of Service vulnerability in Kerio WinRoute Firewall Web Browsing
Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web".
network
low complexity
kerio
5.0