VYPR

Softcms

by Moxa

CVEs (8)

  • CVE-2017-12729CriJan 18, 2018
    risk 0.64cvss 9.8epss 0.01

    A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the…

  • CVE-2016-9333CriFeb 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input (SQL INJECTION).

  • CVE-2016-5792CriAug 8, 2016
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields.

  • CVE-2016-8360HigFeb 13, 2017
    risk 0.53cvss 8.1epss 0.02

    An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the…

  • CVE-2016-9332HigFeb 13, 2017
    risk 0.52cvss 7.5epss 0.08

    An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service…

  • CVE-2015-6458Mar 21, 2019
    risk 0.00cvss epss 0.03

    Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

  • CVE-2015-6457Mar 21, 2019
    risk 0.00cvss epss 0.03

    Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

  • CVE-2015-1000Jun 5, 2015
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.