Progress Security Vulnerabilities
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
7AI Score
0.0004EPSS
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
7AI Score
0.0004EPSS
The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll.
7AI Score
0.006EPSS
Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD.
7.7AI Score
0.768EPSS
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
7.9AI Score
0.0004EPSS
Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the (1) PROMSGS or (2) PROTERMCAP environment variables.
7.9AI Score
0.0004EPSS
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environm...
7.8AI Score
0.001EPSS
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.
7.5AI Score
0.067EPSS
Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter,...
7.1AI Score
0.0004EPSS
Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type.
8.1AI Score
0.0004EPSS
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.
8AI Score
0.957EPSS
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
7.5AI Score
0.814EPSS
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".
6.6AI Score
0.008EPSS
WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence.
6.3AI Score
0.027EPSS
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
6.7AI Score
0.058EPSS
Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username t...
7.5AI Score
0.019EPSS
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
6.9AI Score
0.013EPSS
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.
7.2AI Score
0.387EPSS
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
7.3AI Score
0.969EPSS
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description wa...
6.6AI Score
0.966EPSS
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the descrip...
6.6AI Score
0.351EPSS
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName p...
7.3AI Score
0.022EPSS
Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information.
6.2AI Score
0.006EPSS
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: t...
8.1AI Score
0.126EPSS
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or...
6.7AI Score
0.089EPSS
Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line ...
7.8AI Score
0.004EPSS
Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message.
7AI Score
0.026EPSS
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.
7.5AI Score
0.045EPSS
SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter.
8.6AI Score
0.007EPSS
Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the attacking host.
5.7AI Score
0.002EPSS
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter.
6.8AI Score
0.057EPSS
Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.
6.5CVSS
7.7AI Score
0.005EPSS
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (...
6.9CVSS
6.4AI Score
0.002EPSS
The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request.
9.8CVSS
9.5AI Score
0.001EPSS
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931.
9.8CVSS
9.5AI Score
0.005EPSS
Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
8.8CVSS
9.1AI Score
0.001EPSS
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries
7.5CVSS
7.3AI Score
0.001EPSS
Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.
9.8CVSS
9.4AI Score
0.007EPSS
Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.
5.4CVSS
5.3AI Score
0.001EPSS
Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1.
5.4CVSS
5.4AI Score
0.001EPSS
Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1.
5.4CVSS
5.3AI Score
0.001EPSS
Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1.
6.1CVSS
6.2AI Score
0.004EPSS
Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This is fixed in 10.1.
8.8CVSS
7AI Score
0.002EPSS
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Paramet...
6.1CVSS
5.9AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.
6.1CVSS
6.1AI Score
0.002EPSS
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading...
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. If the victim accesses the editor, the payload g...
6.1CVSS
6AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054.
6.1CVSS
6AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053.
6.1CVSS
6AI Score
0.002EPSS
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads.
7.5CVSS
7.3AI Score
0.002EPSS