5 matches found
CVE-2017-9650
CVE-2017-9650 affects Automated Logic Corporation (ALC) WebCTRL, i-Vu and SiteScan Web platforms. The vulnerability is an Unrestricted Upload of File with Dangerous Type that could allow an authenticated attacker to upload a malicious file and execute arbitrary code. Affected versions include Web...
CVE-2017-9644
CVE-2017-9644 — Normal mode Affected products (as per connected docs): Automated Logic Corporation WebCTRL, i-Vu, SiteScan Web 6.5 and prior; 6.1 and prior; 6.0 and prior; 5.5 and prior; 5.2 and prior. Root cause: An Unquoted Search Path or Element vulnerability in the installation paths. Impact:...
CVE-2018-8819
The CVE-2018-8819 issue affects Automated Logic Corporation (ALC) WebCTRL versions 6.0, 6.1 and 6.5. It is an XML External Entity (XXE) vulnerability in a weakly configured XML parser that allows an unauthenticated attacker to disclose full file contents from the underlying web server OS via the ...
CVE-2017-9640
CVE-2017-9640 describes a Path Traversal vulnerability in Automated Logic Corporation’s WebCTRL, i-Vu, and SiteScan Web products. Affected are WebCTRL/SiteScan Web 6.1 and prior; WebCTRL/i-Vu 6.0 and prior; WebCTRL/i-Vu/SiteScan Web 5.2, 5.5, and other older revisions; version 6.5 is not affected...
CVE-2016-5795
This CVE (CVE-2016-5795) affects Automated Logic Corporation WebCTRL, Liebert SiteScan Web (6.5 and earlier), and Carrier i-Vu (6.5 and earlier). Root cause: improper XML parsing configuration allowing XML External Entity (XXE) processing to be exploited via a weakly configured XML parser, enabli...