VYPR

Filemaker

by Filemaker

CVEs (12)

  • CVE-2016-1208HigMay 14, 2016
    risk 0.49cvss 7.5epss 0.01

    The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.

  • CVE-2014-8347Feb 11, 2020
    risk 0.03cvss epss 0.01

    An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges.

  • CVE-2023-42920Mar 19, 2024
    risk 0.00cvss epss 0.00

    Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on macOS.

  • CVE-2021-44147Nov 22, 2021
    risk 0.00cvss epss 0.01

    An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4.1 allows a remote attacker to disclose local files via a crafted XML/Excel document and perform server-side request forgery attacks.

  • CVE-2014-5322Sep 22, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix…

  • CVE-2014-5321Sep 22, 2014
    risk 0.00cvss epss 0.01

    FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect…

  • CVE-2013-3640Jun 10, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-2319Jun 10, 2013
    risk 0.00cvss epss 0.01

    FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2007-6104Nov 23, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Instant Web Publishing feature in FileMaker Pro 7 and 8, Server 7 and 8, and Developer 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2000-0385May 2, 2000
    risk 0.00cvss epss 0.02

    FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities.

  • CVE-2000-0386May 2, 2000
    risk 0.00cvss epss 0.01

    FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email.

  • CVE-2000-0123Feb 1, 2000
    risk 0.00cvss epss 0.02

    The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields.