154 matches found
CVE-2024-53458
Sysax Multi Server 6.99 is vulnerable to a denial of service DoS condition when processing specially crafted SSH packets...
CVE-2024-53458
Sysax Multi Server 6.99 is affected by a denial-of-service (DoS) condition when processing specially crafted SSH packets. The issue affects Sysax Multi Server 6.99 (no other versions are confirmed here) and is evidenced by CVE-2024-53458 with a CVSSv3.1 base score of 7.5 (Network attack, low comp...
CVE-2024-53459
Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting XSS via the /scgi?sid parameter...
CVE-2024-53459
Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting XSS via the /scgi?sid parameter...
CVE-2024-53459
Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting XSS via the /scgi?sid parameter...
CVE-2024-53459
Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting XSS via the /scgi?sid parameter...
CVE-2024-53459
Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting (XSS) via the /scgi?sid parameter. This CVE (CVE-2024-53459) is documented across multiple sources (NVD, Red Hat, CNVD, CVE listing, etc.) with no explicit exploit details or mitigation guidance provided in the connected records. The v...
Sysax Multi Server 安全漏洞
Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows systems from Codeorigin, USA. A security vulnerability exists in Sysax Multi Server version 6.99 that stems from the presence of a cross-site scripting XSS attack via the /scgi?sid parameter...
Sysax Multi Server 6.99 SSH Denial Of Service
Exploit Title: Sysax Multi Server 6.99 - SSH Denial of Service Date: 2024-11-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Version: Sysax Multi Server 6.99 Tested on: Windows 10 x64 Steps -- Compil...
Sysax Multi Server 6.99 Cross Site Scripting
Exploit Title: Sysax Multi Server 6.99 - Reflected XSS Date: 2024-11-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Version: MultiServer 6.99 Tested on: Windows 10 x64 Reflected XSS - Affected...
Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service', 'Description' = %q This module sends a specially-crafted SSH Key Exchange causing t...
Sysax Multi Server 6.95 - (Password) Denial of Service Exploit
Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows...
Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)
Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS...
Sysax Multi Server 6.95 Denial Of Service
Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS...
CVE-2020-23574
When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfilename1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash...
Buffer overflow
When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfilename1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash...
CVE-2020-23574
When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfilename1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash...
CVE-2020-23574
Sysax Multi Server 6.90 is affected. An authenticated user can modify the filename="" parameter in the uploadfile_name1.htm upload form to reach 368+ bytes, triggering a buffer overflow that causes the application to crash. Root cause is a overflow in handling long filenames during file upload. N...
CVE-2020-13229
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token...
CVE-2020-13227
An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username under which the web server is running by triggering an invalid path permission error. This bypasses the fakepath protection mechanism...