bzyo/cve-pocs
GitHub
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 7.5 HIGH | 5 MEDIUM | ||
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. | |||
| 8.8 HIGH | 6.8 MEDIUM | ||
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). | |||
| 7.5 HIGH | 5 MEDIUM | ||
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. | |||
| 7.5 HIGH | 5 MEDIUM | ||
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. | |||
| 5.3 MEDIUM | 5 MEDIUM | ||
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. | |||
| 5.4 MEDIUM | 3.5 LOW | ||
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability. | |||
| 7.5 HIGH | 5 MEDIUM | ||
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. | |||
| 5.4 MEDIUM | 3.5 LOW | ||
RainbowFish PacsOne Server 6.8.4 allows XSS. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page. | |||
| — | 3.5 LOW | ||
PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration, (2) description field in the print server configuration, and (3) username field for authentication to print as guest. | |||
| — | 1.9 LOW | ||
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding, which allows local users to obtain credentials for a domain user by reading the cps_config.xml file. | |||