Vulnerabilities > Carrier > Automatedlogic Webctrl > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-14 CVE-2018-8819 XXE vulnerability in Carrier Automatedlogic Webctrl 6.0/6.1/6.5
An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5.
network
low complexity
carrier CWE-611
5.0
2017-08-25 CVE-2017-9650 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
local
low complexity
automatedlogic carrier CWE-434
4.6
2017-08-25 CVE-2017-9644 Unquoted Search Path or Element vulnerability in multiple products
An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
6.9
2017-08-25 CVE-2017-9640 Path Traversal vulnerability in multiple products
A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
network
low complexity
automatedlogic carrier CWE-22
6.5