Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysax multi server vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2012-6530
Stack-based buffer overflow in Sysax Multi Server prior to 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
Sysax Multi Server
Sysax Multi Server 4.3
Sysax Multi Server 4.5
2 EDB exploits
4
CVSSv2
CVE-2009-4800
Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.
Sysax Multi Server 4.3
Sysax Multi Server 4.5
1 EDB exploit
9
CVSSv2
CVE-2009-4790
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sysax Multi Server 4.5
1 EDB exploit
6.8
CVSSv2
CVE-2020-13229
An issue exists in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
Sysax Multi Server 6.90
1 Github repository
4.3
CVSSv2
CVE-2020-13228
An issue exists in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter.
Sysax Multi Server 6.90
1 Github repository
4
CVSSv2
CVE-2020-23574
When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash.
Sysax Multi Server 6.90
5
CVSSv2
CVE-2020-13227
An issue exists in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism.
Sysax Multi Server 6.90
1 Github repository
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started