Shodan
Vulnerabilities
Vulnerable Software
Extensis:  Security Vulnerabilities
CVE-2022-24251
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-03-01
CVE-2022-24252
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
CVSS Score
8.8
EPSS Score
0.024
Published
2022-03-01
CVE-2022-24253
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-03-01
CVE-2022-24254
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
CVSS Score
8.8
EPSS Score
0.025
Published
2022-03-01
CVE-2022-24255
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-03-01
CVE-2013-3944
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
CVSS Score
7.8
EPSS Score
0.108
Published
2020-01-02
CVE-2013-3945
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
CVSS Score
7.8
EPSS Score
0.018
Published
2020-01-02
CVE-2013-3946
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
CVSS Score
7.8
EPSS Score
0.049
Published
2020-01-02
CVE-2017-18006
netpub/server.np in Extensis Portfolio NetPublish has XSS in the quickfind parameter, aka Open Bug Bounty ID OBB-290447.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-01-01
CVE-2005-4510
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.
CVSS Score
5.0
EPSS Score
0.05
Published
2005-12-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved