Vulnerabilities > Sysax
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-19 | CVE-2020-23574 | Unrestricted Upload of File with Dangerous Type vulnerability in Sysax Multi Server 6.90 When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm form to a length of 368 or more bytes. | 4.0 |
2020-06-02 | CVE-2020-13229 | Session Fixation vulnerability in Sysax Multi Server 6.90 An issue was discovered in Sysax Multi Server 6.90. | 6.8 |
2020-06-02 | CVE-2020-13228 | Cross-site Scripting vulnerability in Sysax Multi Server 6.90 An issue was discovered in Sysax Multi Server 6.90. | 4.3 |
2020-06-02 | CVE-2020-13227 | Path Traversal vulnerability in Sysax Multi Server 6.90 An issue was discovered in Sysax Multi Server 6.90. | 5.0 |
2013-01-31 | CVE-2012-6530 | Buffer Errors vulnerability in Sysax Multi Server 4.3/4.5/5.50 Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request. | 7.1 |
2010-04-22 | CVE-2009-4800 | Path Traversal vulnerability in Sysax Multi Server 4.3/4.5 Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command. | 4.0 |
2010-04-22 | CVE-2009-4790 | Path Traversal vulnerability in Sysax Multi Server 4.5 Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. | 9.0 |