Lucene search
K
MoxaSoftcms

7 matches found

CVE
CVE
added 2017/02/13 9:0 p.m.59 views

CVE-2016-9332

CVE-2016-9332 affects Moxa SoftCMS Webserver prior to version 1.6. The vulnerability stems from improper input validation in the ASP Webserver, allowing an attacker to provide unexpected values that can crash the application or cause excessive resource consumption, potentially leading to a denial...

7.8CVSS7.4AI score0.08239EPSS
Web
CVE
CVE
added 2019/03/21 7:23 p.m.55 views

CVE-2015-6458

CVE-2015-6458 describes a heap/classic buffer overflow in Moxa SoftCMS 1.3 and earlier that may crash or allow remote code execution. Public documentation ties the issue to buffer overflow weaknesses in SoftCMS prior to version 1.4, which Moxa released on 2015-06-01 to address the vulnerability b...

8.8CVSS9.2AI score0.02797EPSS
CVE
CVE
added 2019/03/21 7:12 p.m.53 views

CVE-2015-6457

CVE-2015-6457 relates to Moxa SoftCMS 1.3 and earlier, which are susceptible to a buffer overflow that could crash or allow remote code execution. Moxa released SoftCMS 1.4 on 2015-06-01 to address the vulnerability. Connected advisories (ZDI) describe multiple heap-based buffer overflow vulnerab...

8.8CVSS9.1AI score0.02797EPSS
CVE
CVE
added 2016/08/08 12:0 a.m.47 views

CVE-2016-5792

Moxa SoftCMS SQL Injection (CVE-2016-5792) affects SoftCMS versions before 1.5. The vulnerability stems from improper input validation, allowing remote attackers to craft inputs that execute arbitrary SQL commands via unspecified fields (getcaminfo.asp is cited by ZDI as a risk vector). Impact de...

9.8CVSS9.9AI score0.03037EPSS
CVE
CVE
added 2017/02/13 9:0 p.m.45 views

CVE-2016-8360

CVE-2016-8360 affects Moxa SoftCMS Webserver in versions before 1.6. A specially crafted URL request can trigger a double-free condition, enabling memory corruption that could lead to denial of service or arbitrary code execution. Severity is high (CVSSv3 base 8.1) with network access required an...

8.1CVSS8AI score0.02072EPSS
CVE
CVE
added 2017/02/13 9:0 p.m.43 views

CVE-2016-9333

CVE-2016-9333 affects Moxa SoftCMS prior to version 1.6. The SoftCMS Webserver fails to properly sanitize input, enabling SQL Injection that could allow a remote attacker to gain administrator privileges. The vulnerability has been assigned CVSS v3 base score 9.8 (CRITICAL) with network access, n...

9.8CVSS9.2AI score0.01885EPSS
CVE
CVE
added 2015/06/05 10:0 a.m.41 views

CVE-2015-1000

This CVE (CVE-2015-1000) affects Moxa SoftCMS prior to v1.3 and specifically the RTSPVIDEO.rtspvideoCtrl.1 ActiveX control. The vulnerability is a stack-based buffer overflow in the OpenForIPCamTest method (via the StrRtspPath parameter) that allows remote code execution. Exploitation is remote (...

6.8CVSS8.3AI score0.03285EPSS