Vulnerabilities > Carrier

DATE CVE VULNERABILITY TITLE RISK
2021-02-22 CVE-2020-19762 Cross-site Scripting vulnerability in Carrier Webctrl System
Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior allows remote attackers to execute any JavaScript code via a XSS payload for the first parameter in a GET request.
network
carrier CWE-79
4.3
2018-06-14 CVE-2018-8819 XXE vulnerability in Carrier Automatedlogic Webctrl 6.0/6.1/6.5
An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5.
network
low complexity
carrier CWE-611
5.0
2017-08-31 CVE-2016-5795 XXE vulnerability in multiple products
An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior.
network
low complexity
automatedlogic carrier CWE-611
7.5
2017-08-25 CVE-2017-9650 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
local
low complexity
automatedlogic carrier CWE-434
4.6
2017-08-25 CVE-2017-9644 Unquoted Search Path or Element vulnerability in multiple products
An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
6.9
2017-08-25 CVE-2017-9640 Path Traversal vulnerability in multiple products
A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
network
low complexity
automatedlogic carrier CWE-22
6.5