Vulnerabilities > Ipswitch

DATE CVE VULNERABILITY TITLE RISK
2018-05-01 CVE-2018-8939 Server-Side Request Forgery (SSRF) vulnerability in Ipswitch Whatsup Gold
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0).
network
low complexity
ipswitch CWE-918
7.5
2018-05-01 CVE-2018-8938 Code Injection vulnerability in Ipswitch Whatsup Gold
A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0).
network
low complexity
ipswitch CWE-94
7.5
2018-02-02 CVE-2018-6545 Cross-site Scripting vulnerability in Ipswitch Moveit 8.1
Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability, as demonstrated by human.aspx.
network
ipswitch CWE-79
4.3
2018-01-24 CVE-2018-5778 SQL Injection vulnerability in Ipswitch Whatsup Gold
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1).
network
low complexity
ipswitch CWE-89
7.5
2018-01-24 CVE-2018-5777 Unspecified vulnerability in Ipswitch Whatsup Gold
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1).
network
low complexity
ipswitch
7.5
2017-11-03 CVE-2017-16513 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ipswitch WS FTP
Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729.
local
low complexity
ipswitch CWE-119
4.6
2017-10-03 CVE-2017-12639 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ipswitch Imail Server
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
network
low complexity
ipswitch CWE-119
7.5
2017-10-03 CVE-2017-12638 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ipswitch Imail Server
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.
network
low complexity
ipswitch CWE-119
7.5
2017-05-18 CVE-2017-6195 SQL Injection vulnerability in Ipswitch Moveit DMZ and Moveit Transfer 2017
Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection.
network
low complexity
ipswitch CWE-89
7.5
2016-10-06 CVE-2016-1000000 SQL Injection vulnerability in Ipswitch Whatsup Gold
Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
network
low complexity
ipswitch CWE-89
6.5