Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exceed vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4729
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and previous versions allows remote malicious users to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be ...
Hummingbird Exceed
Hummingbird Exceed 9.0
Hummingbird Exceed 10.0
Hummingbird Exceed Powersuite
Hummingbird Exceed 2007
Hummingbird Exceed 2006
1 EDB exploit
NA
CVE-1999-1196
Hummingbird Exceed X version 5 allows remote malicious users to cause a denial of service via malformed data to port 6000.
Hummingbird Exceed 5.0
NA
CVE-1999-1280
Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file.
Hummingbird Exceed 6.0.1.0
NA
CVE-2004-2258
Xconfig in Hummingbird Exceed prior to 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab.
Hummingbird Exceed 9.0
NA
CVE-2013-6805
OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote malicious users to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file.
Opentext Exceed Ondemand 8.0
1 Github repository
NA
CVE-2013-6806
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle malicious users to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
Opentext Exceed Ondemand 8.0
1 Github repository
NA
CVE-2013-6807
The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle malicious users to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.
Opentext Exceed Ondemand 8.0
1 Github repository
NA
CVE-2013-6994
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote malicious users to perform session fixation attacks by sniffing the network.
Opentext Exceed Ondemand 8.0
1 Github repository
7.5
CVSSv3
CVE-2023-41835
When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or ...
Apache Struts
NA
CVE-2023-38536
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site scripting.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »