Vulnerabilities > Sambar > Sambar Server > 4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-05 | CVE-2005-3506 | Cross-Site Scripting vulnerability in Sambar Server Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field. network sambar | 4.3 |
| 2001-07-25 | CVE-2001-1106 | Unspecified vulnerability in Sambar Server The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure. | 7.5 |
| 1998-06-10 | CVE-1999-1178 | Unspecified vulnerability in Sambar Server 4.1 Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. | 5.0 |