Vulnerabilities > Interchange Development Group
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-23 | CVE-2008-2423 | Denial Of Service vulnerability in Interchange Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. | 10.0 |
| 2007-05-13 | CVE-2007-2635 | Denial-Of-Service vulnerability in Interchange Development Group Interchange 5.4.1 Unspecified vulnerability in Interchange before 5.4.2 allows remote attackers to cause an unspecified denial of service (possibly server hang) via crafted HTTP requests. | 7.8 |
| 2005-09-27 | CVE-2005-3073 | Multiple vulnerability in Interchange Development Group Interchange 4.9.3/5.0/5.2 Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) "mike", (2) "standard", or (3) "foundation" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page. | 5.0 |
| 2005-09-27 | CVE-2005-3072 | Multiple vulnerability in Interchange SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2668 | SQL-Injection vulnerability in Interchange SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-05-04 | CVE-2004-0374 | Remote Information Disclosure vulnerability in Interchange Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string. | 6.4 |