Filtered by vendor Extensis Subscriptions
Total 10 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-24255 1 Extensis 1 Portfolio 2024-11-21 8.8 High
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
CVE-2022-24254 1 Extensis 1 Portfolio 2024-11-21 8.8 High
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
CVE-2022-24253 1 Extensis 1 Portfolio 2024-11-21 8.8 High
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
CVE-2022-24252 1 Extensis 1 Portfolio 2024-11-21 8.8 High
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
CVE-2022-24251 1 Extensis 1 Portfolio 2024-11-21 8.8 High
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.
CVE-2017-18006 1 Extensis 1 Portfolio Netpublish 2024-11-21 N/A
netpub/server.np in Extensis Portfolio NetPublish has XSS in the quickfind parameter, aka Open Bug Bounty ID OBB-290447.
CVE-2013-3946 1 Extensis 1 Mrsid 2024-11-21 7.8 High
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
CVE-2013-3945 1 Extensis 1 Mrsid 2024-11-21 7.8 High
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
CVE-2013-3944 1 Extensis 1 Mrsid 2024-11-21 7.8 High
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
CVE-2005-4510 1 Extensis 1 Netpublish Server 2024-11-21 N/A
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.