Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-2259	Denial of Service vulnerability in Beasts Vsftpd 1.2.0/1.2.1 vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. network low complexity beasts	5.0
2004-12-31	CVE-2004-2256	Directory Traversal vulnerability in phpMyFAQ Lang Parameter Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. network low complexity phpmyfaq	5.0
2004-12-31	CVE-2004-2255	Unspecified vulnerability in PHPmyfaq 1.3.12 Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename. network low complexity phpmyfaq	6.4
2004-12-31	CVE-2004-2253	Directory Traversal vulnerability in Netwin Surgeldap 1.0D/1.0E/1.0G Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. network low complexity netwin	5.0
2004-12-31	CVE-2004-2251	Remote Security vulnerability in Security Linux The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks. network low complexity astaro	5.0
2004-12-31	CVE-2004-2246	Cross-Site Scripting vulnerability in Goollery 0.3 Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php. network goollery	4.3
2004-12-31	CVE-2004-2245	Cross-Site Scripting vulnerability in Goollery 0.3 Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php. network goollery	4.3
2004-12-31	CVE-2004-2244	Denial Of Service vulnerability in Oracle Application Server and Oracle9I The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD. network low complexity oracle	5.0
2004-12-31	CVE-2004-2242	Cross-Site Scripting vulnerability in Phorum 5.0.7Beta Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter. network phorum	4.3
2004-12-31	CVE-2004-2241	Cross-Site Scripting and SQL Injection vulnerability in Phorum 5.0.11 Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. network phorum	4.3

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium