Centrinity: Security Vulnerabilities
OpenText FirstClass 8.0 client does not properly sanitize strings before passing them to the Windows ShellExecute API, which allows remote attackers to execute arbitrary commands via a UNC path in a bookmark.
CVSS Score
7.5
EPSS Score
0.011
Published
2005-05-02
Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory.
CVSS Score
5.0
EPSS Score
0.086
Published
2003-12-31
Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users.
CVSS Score
5.0
EPSS Score
0.006
Published
2001-08-22
FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header.
CVSS Score
5.0
EPSS Score
0.058
Published
2000-06-27