Vulnerabilities > Sambar > Sambar Server > 4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-05 | CVE-2005-3506 | Cross-Site Scripting vulnerability in Sambar Server Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field. network sambar | 4.3 |
| 2001-07-25 | CVE-2001-1106 | Unspecified vulnerability in Sambar Server The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure. | 7.5 |
| 2000-11-14 | CVE-2000-0835 | Unspecified vulnerability in Sambar Server 4.3/4.4 search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter. | 5.0 |
| 2000-06-01 | CVE-2000-0509 | Buffer Overflow vulnerability in Sambar Server 4.3 Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote attackers to execute arbitrary commands via a long hostname. | 10.0 |