Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2367 | Remote Denial Of Service vulnerability in WFTPD Server GUI The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command. | 5.0 |
| 2004-12-31 | CVE-2004-2366 | Remote Buffer Overflow vulnerability in Globalscape Secure FTP Server 2.0Build20040311 Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. | 5.0 |
| 2004-12-31 | CVE-2004-2361 | Remote Denial Of Service vulnerability in Digital Reality Game Engine Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 and Desert Rats vs. | 5.0 |
| 2004-12-31 | CVE-2004-2360 | Remote Denial Of Service vulnerability in Targem Games Battle Mages 1.0 Targem Battle Mages 1.0 allows remote attackers to cause a denial of service (infinite loop) via a UDP packet with incomplete data, which causes the server to enter an infinite loop while waiting to read the rest of the data that is not sent. | 5.0 |
| 2004-12-31 | CVE-2004-2358 | Multiple vulnerability in PhpBB admin_words.php Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter. network phpbb-group | 4.3 |
| 2004-12-31 | CVE-2004-2357 | Remote Security vulnerability in Proofpoint Protection Server The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database. | 6.4 |
| 2004-12-31 | CVE-2004-2356 | Denial Of Service vulnerability in Fizmez web Server 1.0 Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, which triggers a null pointer dereference. | 5.0 |
| 2004-12-31 | CVE-2004-2355 | HTML Injection vulnerability in Crafty Syntax Live Help Crafty Syntax Live Help 2.7.3 Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session. network crafty-syntax-live-help | 4.3 |
| 2004-12-31 | CVE-2004-2354 | Cross-Site Scripting vulnerability in 4Nguestbook SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered. | 6.8 |
| 2004-12-31 | CVE-2004-2353 | BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information. | 5.0 |