Bigantsoft: Security Vulnerabilities
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-04-07
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-05
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
CVSS Score
7.5
EPSS Score
0.735
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
CVSS Score
5.3
EPSS Score
0.012
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
CVSS Score
8.8
EPSS Score
0.002
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-03-21
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.009
Published
2022-03-21
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.
CVSS Score
7.5
EPSS Score
0.003
Published
2013-02-24
Page 1