Lucene search
K
Interchange Development GroupInterchange

5 matches found

CVE
CVE
added 2004/04/06 4:0 a.m.50 views

CVE-2004-0374

CVE-2004-0374 affects Interchange prior to 5.0.1. The root cause is missing input sanitising, enabling remote attackers to expose the content of arbitrary variables and read or modify sensitive SQL information via an HTTP request ending with SQLUSER . The Debian advisories (DSA-471) note fixes: w...

6.4CVSS6.8AI score0.02825EPSS
CVE
CVE
added 2005/09/27 4:0 a.m.49 views

CVE-2005-3073

Interchange 5.0.1 has an unspecified vulnerability that, when a catalog is created with the demo suites (mike, standard, or foundation), allows injection of Interchange Tag Language (ITL) elements into the forum/submit.html page. Affected products/versions include Interchange 4.9.3, 5.0 before 5....

5CVSS6.5AI score0.01307EPSS
CVE
CVE
added 2007/05/13 11:0 p.m.49 views

CVE-2007-2635

CVE-2007-2635 affects Interchange prior to 5.4.2 (and related lines) with an unspecified vulnerability that allows remote attackers to cause a denial of service (potential server hang) via crafted HTTP requests. Multiple sources confirm the issue and the fix is to upgrade to Interchange 5.4.2 or ...

7.8CVSS6.5AI score0.02346EPSS
CVE
CVE
added 2005/09/27 4:0 a.m.45 views

CVE-2005-3072

CVE-2005-3072 corresponds to a SQL injection in Interchange that affects versions 4.9.3 up to 5.2.0, specifically via the forum/submit.html handling. The vulnerability allows remote attackers to execute arbitrary SQL commands; the exact injection vectors are not clearly described in the provided ...

7.5CVSS8.4AI score0.01919EPSS
CVE
CVE
added 2008/05/23 3:0 p.m.42 views

CVE-2008-2423

Interchange vulnerability CVE-2008-2423 affects Interchange prior to 5.6.0 and prior to 5.5.2, allowing remote DoS via crafted HTTP requests. Root cause not detailed in the provided documents. Impact is denial of service; no exploitation status is stated. Remediation indicated by the references i...

10CVSS6.5AI score0.03969EPSS