Lucene search
K

154 matches found

OSV
OSV
added 2020/06/02 2:15 p.m.4 views

CVE-2020-13227

An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username under which the web server is running by triggering an invalid path permission error. This bypasses the fakepath protection mechanism...

5.3CVSS6.1AI score0.01869EPSS
Exploits1References3
NVD
NVD
added 2020/06/02 2:15 p.m.13 views

CVE-2020-13227

An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username under which the web server is running by triggering an invalid path permission error. This bypasses the fakepath protection mechanism...

5.3CVSS5.3AI score0.01869EPSS
Exploits1References3
NVD
NVD
added 2020/06/02 2:15 p.m.15 views

CVE-2020-13229

An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token...

8.8CVSS8.8AI score0.01607EPSS
Exploits1References2
Prion
Prion
added 2020/06/02 2:15 p.m.11 views

Authentication flaw

An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token...

6.8CVSS8.7AI score0.01607EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/06/02 2:15 p.m.17 views

Cross site scripting

An issue was discovered in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter...

4.3CVSS5.9AI score0.03075EPSS
Exploits4References4Affected Software1
Prion
Prion
added 2020/06/02 2:15 p.m.16 views

Design/Logic Flaw

An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username under which the web server is running by triggering an invalid path permission error. This bypasses the fakepath protection mechanism...

5CVSS5.3AI score0.01869EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/06/02 1:52 p.m.45 views

CVE-2020-13227

CVE-2020-13227 concerns Sysax Multi Server 6.90. The vulnerability arises in the web server component where triggering an invalid path permission error bypasses the fakepath protection, allowing an attacker to determine the username under which the server is running. Affected product: Sysax Multi...

5.3CVSS5.3AI score0.01869EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/06/02 1:51 p.m.25 views

CVE-2020-13228

An issue was discovered in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter...

6AI score0.03075EPSS
Exploits4References4
CVE
CVE
added 2020/06/02 1:51 p.m.76 views

CVE-2020-13228

CVE-2020-13228 affects Sysax Multi Server 6.90. The issue is a reflected Cross-Site Scripting vulnerability via the /scgi sid parameter, caused by insufficient validation in the web application. It allows execution of client-side scripts in a victim’s browser. Public references include a PoC/expl...

6.1CVSS5.9AI score0.03075EPSS
Exploits4References4Affected Software1
Cvelist
Cvelist
added 2020/06/02 1:44 p.m.22 views

CVE-2020-13229

An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token...

8.8AI score0.01607EPSS
Exploits1References2
CVE
CVE
added 2020/06/02 1:44 p.m.44 views

CVE-2020-13229

Sysax Multi Server 6.90 is affected by CVE-2020-13229, where an attacker can hijack a session by observing the sid authentication token in any /scgi URI. The vulnerability directly exposes session confidentiality and integrity, as the sid value acts as an authentication token. NVD reports CVSS v3...

8.8CVSS8.7AI score0.01607EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2020/02/04 12:0 a.m.1 views

Sysax Multi Server Denial of Service Vulnerability

Sysax Multi Server is an SSH2 and FTP server for Windows. A denial of service vulnerability exists in Sysax Multi Server. An attacker could exploit the vulnerability to crash the program...

6.7AI score
Exploits0References1
exploitpack
exploitpack
added 2020/01/20 12:0 a.m.80 views

Sysax Multi Server 5.50 - Denial of Service (PoC)

Sysax Multi Server 5.50 - Denial of Service PoC Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/01/20 12:0 a.m.188 views

Sysax Multi Server 5.50 Denial Of Service

Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi Server 5.50 Tested on: WIndow 7 CVE : if...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/01/20 12:0 a.m.132 views

Sysax Multi Server 5.50 - Denial of Service Exploit

Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi Server 5.50 Tested on: WIndow 7 CVE : if applicable 1 Download software install i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.271 views

Sysax Multi Server 5.50 - Denial of Service (PoC)

Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi Server 5.50 Tested on: WIndow 7 CVE : if...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2016/04/15 12:0 a.m.20 views

Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/29 12:0 a.m.12 views

Sysax Multi Server 6.50 远程代码执行漏洞

No description provided by source...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/03/21 12:0 a.m.27 views

Sysax Multi Server 6.50 - HTTP File Share Overflow Remote Code Execution (SEH)

Sysax Multi Server 6.50 - HTTP File Share Overflow Remote Code Execution SEH Exploit Title: Sysax Multi Server 6.50 HTTP File Share SEH Overflow RCE Exploit Date: 03/21/2016 Exploit Author: Paul Purcell Contact: ptpxploit at gmail Vendor Homepage: http://www.sysax.com/ Vulnerable Version Download...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/21 12:0 a.m.22 views

Sysax Multi Server 6.50 SEH Overflow

Exploit Title: Sysax Multi Server 6.50 HTTP File Share SEH Overflow RCE Exploit Date: 03/21/2016 Exploit Author: Paul Purcell Contact: ptpxploit at gmail Vendor Homepage: http://www.sysax.com/ Vulnerable Version Download: http://download.cnet.com/Sysax-Multi-Server/3000-21604-76171493.html 6.50 a...

0.1AI score
Exploits0
Rows per page
Query Builder