Filtered by vendor Bigantsoft
Subscribe
Total
15 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23345 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 5.0 MEDIUM | 7.5 HIGH |
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. | |||||
CVE-2022-26281 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 5.0 MEDIUM | 7.5 HIGH |
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. | |||||
CVE-2022-23347 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 5.0 MEDIUM | 7.5 HIGH |
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. | |||||
CVE-2022-23346 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 6.5 MEDIUM | 8.8 HIGH |
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. | |||||
CVE-2022-23352 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 5.0 MEDIUM | 7.5 HIGH |
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). | |||||
CVE-2022-23349 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 6.8 MEDIUM | 8.8 HIGH |
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). | |||||
CVE-2022-23350 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 3.5 LOW | 5.4 MEDIUM |
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability. | |||||
CVE-2022-23348 | 1 Bigantsoft | 1 Bigant Server | 2022-04-27 | 5.0 MEDIUM | 5.3 MEDIUM |
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. | |||||
CVE-2021-43430 | 1 Bigantsoft | 1 Bigant Office Messenger 5 | 2022-04-15 | 6.5 MEDIUM | 8.8 HIGH |
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files. | |||||
CVE-2008-1914 | 1 Bigantsoft | 1 Bigant Messenger | 2018-10-11 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4660 | 1 Bigantsoft | 1 Bigant Messenger | 2017-09-18 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660. | |||||
CVE-2009-4661 | 1 Bigantsoft | 1 Bigant Server | 2017-09-18 | 4.3 MEDIUM | N/A |
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. | |||||
CVE-2012-6274 | 1 Bigantsoft | 1 Bigant Im Message Server | 2013-02-25 | 5.0 MEDIUM | N/A |
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors. | |||||
CVE-2012-6273 | 1 Bigantsoft | 1 Bigant Im Message Server | 2013-02-25 | 7.5 HIGH | N/A |
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request. | |||||
CVE-2012-6275 | 1 Bigantsoft | 1 Bigant Im Message Server | 2013-02-24 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request. |