Search Results (109 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1884 2 Ipswitch, Progress 3 Ws Ftp Pro, Ws Ftp Server, Ws Ftp Server 2026-04-16 N/A
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
CVE-2005-3526 1 Ipswitch 1 Ipswitch Collaboration Suite 2026-04-16 N/A
Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command.
CVE-2006-2352 1 Ipswitch 1 Whatsup Professional 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-0911 1 Ipswitch 1 Whatsup 2026-04-16 N/A
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.
CVE-2006-4974 1 Ipswitch 1 Ws Ftp Server 2026-04-16 N/A
Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
CVE-2006-3552 1 Ipswitch 2 Ipswitch Collaboration Suite, Ipswitch Secure Server 2026-04-16 N/A
Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission.
CVE-2001-1282 1 Ipswitch 1 Imail 2026-04-16 N/A
Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information.
CVE-1999-1078 1 Ipswitch 1 Ws Ftp Pro 2026-04-16 N/A
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
CVE-1999-1170 2 Ipswitch, Progress 2 Imail, Ws Ftp Server 2026-04-16 N/A
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVE-1999-1171 2 Ipswitch, Progress 2 Imail, Ws Ftp Server 2026-04-16 N/A
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVE-1999-1551 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
CVE-1999-1557 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
CVE-2000-0056 1 Ipswitch 1 Imail 2026-04-16 N/A
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
CVE-2000-0780 1 Ipswitch 1 Imail 2026-04-16 N/A
The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack.
CVE-2000-0825 1 Ipswitch 1 Imail 2026-04-16 N/A
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
CVE-2000-0839 1 Ipswitch 1 Wincom Lpd 2026-04-16 N/A
WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515).
CVE-2001-0039 1 Ipswitch 1 Imail 2026-04-16 N/A
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes.
CVE-2001-0494 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header.
CVE-2002-0777 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.
CVE-2002-1077 1 Ipswitch 1 Imail 2026-04-16 N/A
IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field.