Filtered by vendor Rhinosoft
Subscribe
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4154 | 1 Rhinosoft | 1 Ftp Voyager | 2024-11-21 | 9.3 HIGH | N/A |
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
CVE-2009-4873 | 1 Rhinosoft | 1 Serv-u | 2024-11-21 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie. | |||||
CVE-2007-1079 | 1 Rhinosoft | 1 Ftp Voyager | 2024-11-21 | 7.8 HIGH | N/A |
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command. | |||||
CVE-2004-1939 | 1 Rhinosoft | 1 Zaep Antispam | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter. | |||||
CVE-2004-1691 | 1 Rhinosoft | 1 Dns4me | 2024-11-20 | 5.0 MEDIUM | N/A |
The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data. | |||||
CVE-2004-1690 | 1 Rhinosoft | 1 Dns4me | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL. | |||||
CVE-2001-1103 | 1 Rhinosoft | 1 Ftp Voyager | 2024-11-20 | 7.5 HIGH | N/A |
FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. |