Filtered by vendor Progress Subscriptions
Total 168 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-4344 1 Progress 1 Whatsup Gold 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the attacking host.
CVE-2012-2601 1 Progress 1 Whatsup Gold 2024-11-21 N/A
SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter.
CVE-2008-0590 1 Progress 1 Ws Ftp Server 2024-11-21 N/A
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.
CVE-2007-3491 1 Progress 1 Openedge 2024-11-21 N/A
Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message.
CVE-2007-2602 1 Progress 1 Whatsup Gold 2024-11-21 N/A
Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.
CVE-2007-2506 1 Progress 2 Progress, Webspeed 2024-11-21 N/A
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO.
CVE-2007-2417 2 Progress, Rsa 4 Openedge, Progress, Ace Server and 1 more 2024-11-21 N/A
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.
CVE-2007-2354 1 Progress 1 Webspeed Messenger 2024-11-21 N/A
Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information.
CVE-2007-2266 1 Progress 1 Webspeed Messenger 2024-11-21 N/A
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName parameter.
CVE-2006-5001 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2024-11-21 N/A
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
CVE-2006-5000 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2024-11-21 N/A
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
CVE-2006-4847 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2024-11-21 N/A
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
CVE-2004-1885 1 Progress 1 Ws Ftp Server 2024-11-21 N/A
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.
CVE-2004-1884 2 Ipswitch, Progress 3 Ws Ftp Pro, Ws Ftp Server, Ws Ftp Server 2024-11-21 N/A
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
CVE-2004-1883 1 Progress 1 Ws Ftp Server 2024-11-21 N/A
Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.
CVE-2004-1848 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2024-11-21 N/A
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
CVE-2004-1643 1 Progress 1 Ws Ftp Server 2024-11-21 N/A
WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence.
CVE-2004-0799 2 Ipswitch, Progress 2 Whatsup Gold, Whatsup Gold 2024-11-21 N/A
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".
CVE-2004-0798 1 Progress 1 Whatsup Gold 2024-11-21 N/A
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
CVE-2003-0772 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2024-11-21 N/A
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.