Una: Security Vulnerabilities
studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-08-09
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing.
CVSS Score
4.8
EPSS Score
0.003
Published
2019-08-09
Multiple interpretation error in unspecified versions of UNA Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVSS Score
5.1
EPSS Score
0.003
Published
2005-10-14