Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysax vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2012-6530
Stack-based buffer overflow in Sysax Multi Server prior to 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
Sysax Multi Server
Sysax Multi Server 4.3
Sysax Multi Server 4.5
2 EDB exploits
4
CVSSv2
CVE-2009-4800
Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.
Sysax Multi Server 4.3
Sysax Multi Server 4.5
1 EDB exploit
9
CVSSv2
CVE-2009-4790
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sysax Multi Server 4.5
1 EDB exploit
4
CVSSv2
CVE-2020-23574
When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash.
Sysax Multi Server 6.90
5
CVSSv2
CVE-2020-13227
An issue exists in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism.
Sysax Multi Server 6.90
1 Github repository
4.3
CVSSv2
CVE-2020-13228
An issue exists in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter.
Sysax Multi Server 6.90
1 Github repository
6.8
CVSSv2
CVE-2020-13229
An issue exists in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
Sysax Multi Server 6.90
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started