Show filters
16 Total Results
Displaying 1-10 of 16
Sort by:
Attacker Value
Unknown

CVE-2025-0364

Disclosure Date: February 04, 2025 (last updated February 05, 2025)
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the attacker can upload and execute arbitrary PHP code using the "Cloud Storage Addin," leading to unauthenticated code execution.
0
0
Attacker Value
Unknown

CVE-2021-43430

Disclosure Date: April 07, 2022 (last updated October 07, 2023)
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-26281

Disclosure Date: April 05, 2022 (last updated October 07, 2023)
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23352

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23350

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-23349

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-23348

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23347

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23346

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23345

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >