Extensis : Security Vulnerabilities, CVEs,
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
Max CVSS
9.0
EPSS Score
0.20%
Published
2022-03-01
Updated
2022-03-09
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
Max CVSS
8.8
EPSS Score
1.11%
Published
2022-03-01
Updated
2022-03-09
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
Max CVSS
8.8
EPSS Score
0.21%
Published
2022-03-01
Updated
2022-03-09
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
Max CVSS
8.8
EPSS Score
1.39%
Published
2022-03-01
Updated
2022-03-09
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.
Max CVSS
8.8
EPSS Score
0.21%
Published
2022-03-01
Updated
2022-03-09
netpub/server.np in Extensis Portfolio NetPublish has XSS in the quickfind parameter, aka Open Bug Bounty ID OBB-290447.
Max CVSS
6.1
EPSS Score
0.06%
Published
2018-01-01
Updated
2018-01-16
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
Max CVSS
7.8
EPSS Score
2.67%
Published
2020-01-02
Updated
2020-01-14
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
Max CVSS
7.8
EPSS Score
0.48%
Published
2020-01-02
Updated
2020-01-17
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
Max CVSS
7.8
EPSS Score
63.23%
Published
2020-01-02
Updated
2020-01-14
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.
Max CVSS
5.0
EPSS Score
1.68%
Published
2005-12-23
Updated
2016-10-18
10 vulnerabilities found