Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
Max CVSS
9.0
EPSS Score
0.20%
Published
2022-03-01
Updated
2022-03-09
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
Max CVSS
8.8
EPSS Score
1.11%
Published
2022-03-01
Updated
2022-03-09
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
Max CVSS
8.8
EPSS Score
0.21%
Published
2022-03-01
Updated
2022-03-09
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
Max CVSS
8.8
EPSS Score
1.39%
Published
2022-03-01
Updated
2022-03-09
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.
Max CVSS
8.8
EPSS Score
0.21%
Published
2022-03-01
Updated
2022-03-09
netpub/server.np in Extensis Portfolio NetPublish has XSS in the quickfind parameter, aka Open Bug Bounty ID OBB-290447.
Max CVSS
6.1
EPSS Score
0.06%
Published
2018-01-01
Updated
2018-01-16
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
Max CVSS
7.8
EPSS Score
2.67%
Published
2020-01-02
Updated
2020-01-14
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
Max CVSS
7.8
EPSS Score
0.48%
Published
2020-01-02
Updated
2020-01-17
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
Max CVSS
7.8
EPSS Score
63.23%
Published
2020-01-02
Updated
2020-01-14
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.
Max CVSS
5.0
EPSS Score
1.68%
Published
2005-12-23
Updated
2016-10-18
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!