Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Instantservers Inc. Subscribe
Filtered by product Miniportal
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0259 1 Instantservers Inc. 1 Miniportal 2016-10-17 4.6 MEDIUM N/A
InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
CVE-2002-0260 1 Instantservers Inc. 1 Miniportal 2016-10-17 7.5 HIGH N/A
Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility.
CVE-2002-0261 1 Instantservers Inc. 1 Miniportal 2016-10-17 7.5 HIGH N/A
Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command.