Vulnerabilities > Sysax

DATE CVE VULNERABILITY TITLE RISK
2020-08-19 CVE-2020-23574 Unrestricted Upload of File with Dangerous Type vulnerability in Sysax Multi Server 6.90
When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm form to a length of 368 or more bytes.
network
low complexity
sysax CWE-434
4.0
4.0
2020-06-02 CVE-2020-13229 Session Fixation vulnerability in Sysax Multi Server 6.90
An issue was discovered in Sysax Multi Server 6.90.
network
sysax CWE-384
6.8
6.8
2020-06-02 CVE-2020-13228 Cross-site Scripting vulnerability in Sysax Multi Server 6.90
An issue was discovered in Sysax Multi Server 6.90.
network
sysax CWE-79
4.3
4.3
2020-06-02 CVE-2020-13227 Path Traversal vulnerability in Sysax Multi Server 6.90
An issue was discovered in Sysax Multi Server 6.90.
network
low complexity
sysax CWE-22
5.0
5.0
2013-01-31 CVE-2012-6530 Buffer Errors vulnerability in Sysax Multi Server 4.3/4.5/5.50
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
network
high complexity
sysax CWE-119
7.1
7.1
2010-04-22 CVE-2009-4800 Path Traversal vulnerability in Sysax Multi Server 4.3/4.5
Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.
network
low complexity
sysax CWE-22
4.0
4.0
2010-04-22 CVE-2009-4790 Path Traversal vulnerability in Sysax Multi Server 4.5
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands.
network
low complexity
sysax CWE-22
critical
 9.0
9.0