Vulnerabilities (CVE)

Filtered by vendor Altools Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7809 1 Altools 1 Alsong 2024-11-21 4.3 MEDIUM 4.4 MEDIUM
ALSong 3.46 and earlier version contain a Document Object Model (DOM) based cross-site scripting vulnerability caused by improper validation of user input. A remote attacker could exploit this vulnerability by tricking the victim to open ALSong Album(sab) file.
CVE-2007-4550 1 Altools 1 Alpass 2024-11-21 5.1 MEDIUM N/A
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.
CVE-2007-4549 1 Altools 1 Alpass 2024-11-21 6.8 MEDIUM N/A
Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than the plaintext_length value.
CVE-2006-5950 1 Altools 1 Alftp Ftp Server 2024-11-21 5.0 MEDIUM N/A
Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information is unknown; details are obtained from third party sources.
CVE-2006-5949 1 Altools 1 Alftp Ftp Server 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD request. NOTE: the provenance of this information is unknown; details are obtained from third party sources.