Lucene search

Filemaker Pro Security Vulnerabilities

cve

CVE-2023-42920

Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on...

6.8AI Score

0.0004EPSS

2024-03-19 05:15 PM

cve

CVE-2013-2319

FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

5.9AI Score

0.001EPSS

2022-10-03 04:15 PM

cve

CVE-2013-3640

Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.7AI Score

0.001EPSS

2022-10-03 04:14 PM

cve

CVE-2021-44147

An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4.1 allows a remote attacker to disclose local files via a crafted XML/Excel document and perform server-side request forgery...

5.5CVSS

5.4AI Score

0.002EPSS

2021-11-22 10:15 PM

cve

CVE-2014-8347

An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated...

7.8CVSS

7.5AI Score

0.002EPSS

2020-02-11 02:15 PM

cve

CVE-2014-5322

Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for...

5.8AI Score

0.002EPSS

2014-09-22 01:55 AM

cve

CVE-2014-5321

FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for...

6AI Score

0.001EPSS

2014-09-22 01:55 AM

cve

CVE-2007-6104

Cross-site scripting (XSS) vulnerability in the Instant Web Publishing feature in FileMaker Pro 7 and 8, Server 7 and 8, and Developer 7 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.7AI Score

0.003EPSS

2007-11-23 08:46 PM

cve

CVE-2000-0386

FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged...

7.1AI Score

0.006EPSS

2000-06-15 04:00 AM

cve

CVE-2000-0385

FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email...

6.8AI Score

0.002EPSS

2000-06-15 04:00 AM

cve

CVE-2000-0123

The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form...

6.7AI Score

0.007EPSS

2000-02-08 05:00 AM