Vulnerabilities > Bigantsoft > Bigant Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-26281 | Incorrect Permission Assignment for Critical Resource vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. | 7.5 |
| 2022-03-21 | CVE-2022-23345 | Missing Authentication for Critical Function vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. | 7.5 |
| 2022-03-21 | CVE-2022-23346 | Unrestricted Upload of File with Dangerous Type vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. | 6.5 |
| 2022-03-21 | CVE-2022-23347 | Path Traversal vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. | 5.0 |
| 2022-03-21 | CVE-2022-23348 | Use of Password Hash With Insufficient Computational Effort vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. | 5.0 |
| 2022-03-21 | CVE-2022-23349 | Cross-Site Request Forgery (CSRF) vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). | 6.8 |
| 2022-03-21 | CVE-2022-23350 | Cross-site Scripting vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability. | 3.5 |
| 2022-03-21 | CVE-2022-23352 | Infinite Loop vulnerability in Bigantsoft Bigant Server 5.6.06 An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). | 5.0 |
| 2010-03-03 | CVE-2009-4661 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bigantsoft Bigant Server Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. | 4.3 |