Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Chilisoft
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0634 1 Sun 1 Chilisoft 2024-11-20 7.2 HIGH N/A
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service.
CVE-2001-0633 1 Sun 1 Chilisoft 2024-11-20 5.0 MEDIUM N/A
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.
CVE-2001-0632 1 Sun 1 Chilisoft 2024-11-20 7.5 HIGH N/A
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.
CVE-2001-0229 1 Sun 1 Chilisoft 2024-11-20 7.2 HIGH N/A
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.