Vulnerabilities (CVE)

Filtered by vendor Rhinosoft Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4154 1 Rhinosoft 1 Ftp Voyager 2024-11-21 9.3 HIGH N/A
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2009-4873 1 Rhinosoft 1 Serv-u 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.
CVE-2007-1079 1 Rhinosoft 1 Ftp Voyager 2024-11-21 7.8 HIGH N/A
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.
CVE-2004-1939 1 Rhinosoft 1 Zaep Antispam 2024-11-20 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.
CVE-2004-1691 1 Rhinosoft 1 Dns4me 2024-11-20 5.0 MEDIUM N/A
The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.
CVE-2004-1690 1 Rhinosoft 1 Dns4me 2024-11-20 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.
CVE-2001-1103 1 Rhinosoft 1 Ftp Voyager 2024-11-20 7.5 HIGH N/A
FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands.