BigAnt Server v5.6.06 - Local File Inclusion

BigAnt Server v5.6.06 is vulnerable to local file inclusion. id: CVE-2022-23347 info: name: BigAnt Server v5.6.06 - Local File Inclusion author: 0xAkoko severity: high description: BigAnt Server v5.6.06 is vulnerable to local file inclusion. impact: | Successful exploitation of this vulnerability...

EUVD-2012-6128

Malware in sbrugna...

EUVD-2021-30363

Malicious code in bioql PyPI...

CVE-2012-6275

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...

CVE-2025-0364

CVE-2025-0364 (BigAntSoft BigAnt Server) affects BigAntSoft BigAnt Server up to and including version 5.6.06. The vulnerability allows unauthenticated remote code execution via the default SaaS account registration, where an attacker can create an administrative user and then upload/execute arbit...

CVE-2025-0364 BigAntSoft BigAnt Server Account Registration Bypass to File Upload RCE

BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the...

PT-2025-3851

Name of the Vulnerable Software and Affected Versions BigAntSoft BigAnt Server versions up to and including 5.6.06 Description The issue concerns unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the defaul...

BigAntSoft BigAnt office messenger SQL Injection Vulnerability

BigAntSoft BigAnt office messenger is a server/client instant messaging program for enterprise environments from BigAntSoft Australia. A SQL injection vulnerability exists in BigAntSoft BigAnt office messenger. The vulnerability can be exploited to conduct a SQL injection attack via the "devcode"...

BigAntSoft BigAnt office messenger 安全漏洞

BigAntSoft BigAnt office messenger is a server/client instant messaging program for enterprise environments from BigAntSoft Australia. A SQL injection vulnerability exists in BigAntSoft BigAnt office messenger. The vulnerability can be exploited to conduct a SQL injection attack via the "devcode"...

CVE-2021-43430

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via imwebserver, which could let a malicious user upload PHP Trojan files...

Improper access control

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via imwebserver, which could let a malicious user upload PHP Trojan files...

CVE-2021-43430

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via imwebserver, which could let a malicious user upload PHP Trojan files...

CVE-2021-43430

The CVE-2021-43430 vulnerability affects BigAntSoft BigAnt office messenger 5.6 via the im_webserver, described as an access-control flaw that could let a malicious user upload PHP Trojan files. The connected sources confirm the product and the attack vector (networks via im_webserver) and state ...

BigAntSoft BigAnt IM Message Server Multiple Vulnerabilities

BigAntSoft BigAnt IM Message Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-6275

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...

CVE-2012-6274

BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...

CVE-2012-6273

SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU aka search user request...

Authentication flaw

BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...

Stack overflow

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...

Sql injection

SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU aka search user request...