Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2616 | 1 Onnuri Infotek | 1 Activepost Standard | 2024-02-28 | 4.0 MEDIUM | N/A |
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message. | |||||
CVE-2004-1547 | 1 Onnuri Infotek | 1 Activepost Standard | 2024-02-28 | 5.0 MEDIUM | N/A |
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow. | |||||
CVE-2004-1549 | 1 Onnuri Infotek | 1 Activepost Standard | 2024-02-28 | 5.0 MEDIUM | N/A |
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection. | |||||
CVE-2004-1548 | 1 Onnuri Infotek | 1 Activepost Standard | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename. |