Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-06 | CVE-2004-0670 | Remote Denial Of Service vulnerability in ZyXEL Prestige Router Authentication Password Field Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password. | 5.0 |
| 2004-08-06 | CVE-2004-0668 | Remote Denial Of Service vulnerability in IBM Lotus Domino Server Web Access Malicious Email View Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment. | 5.0 |
| 2004-08-06 | CVE-2004-0665 | Path Disclosure vulnerability in Cgiscript.Net Csfaq 1.0 csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message. | 5.0 |
| 2004-08-06 | CVE-2004-0664 | Input Validation vulnerability in Powerportal 1.1B/1.3/1.3B Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. | 5.0 |
| 2004-08-06 | CVE-2004-0663 | Cross-Site Scripting vulnerability in Powerportal 1.1B/1.3/1.3B Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files parameter to the gallery module. network powerportal | 6.8 |
| 2004-08-06 | CVE-2004-0662 | Input Validation vulnerability in Powerportal 1.1B/1.3/1.3B PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message. | 5.0 |
| 2004-08-06 | CVE-2004-0661 | Unspecified vulnerability in D-Link Di-604, Di-614+ and Di-624 Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years. | 5.0 |
| 2004-08-06 | CVE-2004-0660 | Unspecified vulnerability in Cutephp Cutenews 0.88/1.3/1.3.1 Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter. network cutephp | 6.8 |
| 2004-08-06 | CVE-2004-0657 | Integer Overflow OR Wraparound vulnerability in multiple products Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. | 5.0 |
| 2004-08-06 | CVE-2004-0656 | Unspecified vulnerability in Pureftpd The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections. | 5.0 |