VYPR
Vendor

Chilkat Software

Products: 12
CVEs: 20
Across products: 23
Status: Private

Recent CVEs (20)
  • CVE-2008-5002 (Nov 10, 2008)
    risk 0.06 | cvss | epss 0.41

    Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code…

  • CVE-2008-4343 (Sep 30, 2008)
    risk 0.04 | cvss | epss 0.09

    The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the (1) SaveToFile, (2) SaveToTempFile, or (3) AppendBinary method. NOTE: this issue…

  • CVE-2008-1647 (Apr 2, 2008)
    risk 0.04 | cvss | epss 0.07

    The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. NOTE: some of these…

  • CVE-2008-7022 (Aug 21, 2009)
    risk 0.03 | cvss | epss 0.05

    Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method.

  • CVE-2008-5853 (Jan 6, 2009)
    risk 0.03 | cvss | epss 0.03

    Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups…

  • CVE-2008-4584 (Oct 15, 2008)
    risk 0.03 | cvss | epss 0.05

    Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.

  • CVE-2008-4583 (Oct 15, 2008)
    risk 0.03 | cvss | epss 0.06

    Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method.

  • CVE-2008-2186 (May 13, 2008)
    risk 0.03 | cvss | epss 0.04

    Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

  • CVE-2007-4252 (Aug 8, 2007)
    risk 0.03 | cvss | epss 0.02

    Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability…

  • CVE-2007-3633 (Jul 10, 2007)
    risk 0.03 | cvss | epss 0.03

    Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveLastError method and probably the (2) WriteExe…

  • CVE-2024-0693 (Jan 18, 2024)
    risk 0.00 | cvss | epss 0.01

    A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been…

  • CVE-2022-28998 (May 23, 2022)
    risk 0.00 | cvss | epss 0.02

    Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code.

  • CVE-2020-14057 (Jul 1, 2020)
    risk 0.00 | cvss | epss 0.03

    Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments.

  • CVE-2020-14055 (Jul 1, 2020)
    risk 0.00 | cvss | epss 0.01

    Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.

  • CVE-2019-19668 (Feb 10, 2020)
    risk 0.00 | cvss | epss 0.00

    A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.

  • CVE-2019-19667 (Feb 10, 2020)
    risk 0.00 | cvss | epss 0.00

    A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.

  • CVE-2019-19664 (Feb 10, 2020)
    risk 0.00 | cvss | epss 0.00

    A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.

  • CVE-2008-2016 (Apr 30, 2008)
    risk 0.00 | cvss | epss 0.02

    PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute…

  • CVE-2008-2017 (Apr 30, 2008)
    risk 0.00 | cvss | epss 0.02

    Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/.

  • CVE-2004-1429 (Dec 31, 2004)
    risk 0.00 | cvss | epss 0.01

    ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it easier for remote attackers to guess passwords via a brute force attack.