Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-23 | CVE-2004-0263 | PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information. | 5.0 |
| 2004-11-23 | CVE-2004-0260 | Remote Arbitrary File Deletion Backdoor vulnerability in Cactusoft Cactushop Lite 5.0 The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains a backdoor that allows remote attackers to delete arbitrary files via an email address that starts with |||. | 5.0 |
| 2004-11-23 | CVE-2004-0257 | Remote Denial Of Service vulnerability in BSD ICMPV6 Handling Routines OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. | 5.0 |
| 2004-11-23 | CVE-2004-0255 | Remote Denial Of Service vulnerability in XLight FTP Server Long Directory Request Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . | 5.0 |
| 2004-11-23 | CVE-2004-0254 | Cross-Site Scripting vulnerability in Crosscom Olicom Discuz 2.0/3.0 Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag. network crosscom-olicom | 6.8 |
| 2004-11-23 | CVE-2004-0252 | Remote Denial Of Service vulnerability in Typsoft FTP Server 1.1 TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name. | 5.0 |
| 2004-11-23 | CVE-2004-0251 | Cross-Site Scripting vulnerability in Rxgoogle.Cgi 1.0 Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote attackers to execute arbitrary script as other users via the query parameter. network rxgoogle-cgi | 6.8 |
| 2004-11-23 | CVE-2004-0248 | Multiple vulnerability in PHPx 3.2.3 Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum. network phpx | 6.8 |
| 2004-11-23 | CVE-2004-0247 | Remote Denial Of Service vulnerability in Cauldron Chaser Client and Chaser Server The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory. | 5.0 |
| 2004-11-23 | CVE-2004-0245 | Remote Denial Of Service vulnerability in Web Crossing Web Server Component Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero. | 5.0 |