Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exceed vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4729
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and previous versions allows remote malicious users to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be ...
Hummingbird Exceed
Hummingbird Exceed 9.0
Hummingbird Exceed 10.0
Hummingbird Exceed Powersuite
Hummingbird Exceed 2007
Hummingbird Exceed 2006
1 EDB exploit
NA
CVE-1999-1280
Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file.
Hummingbird Exceed 6.0.1.0
NA
CVE-1999-1196
Hummingbird Exceed X version 5 allows remote malicious users to cause a denial of service via malformed data to port 6000.
Hummingbird Exceed 5.0
NA
CVE-2004-2258
Xconfig in Hummingbird Exceed prior to 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab.
Hummingbird Exceed 9.0
NA
CVE-2013-6807
The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle malicious users to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.
Opentext Exceed Ondemand 8.0
1 Github repository
NA
CVE-2013-6994
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote malicious users to perform session fixation attacks by sniffing the network.
Opentext Exceed Ondemand 8.0
1 Github repository
NA
CVE-2013-6805
OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote malicious users to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file.
Opentext Exceed Ondemand 8.0
1 Github repository
NA
CVE-2013-6806
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle malicious users to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
Opentext Exceed Ondemand 8.0
1 Github repository
7.5
CVSSv3
CVE-2023-41835
When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or ...
Apache Struts
NA
CVE-2023-38536
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site scripting.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »