Vendor
Magic Software Enterprises
Products
4
CVEs
3
Across products
4
Status
Private
Products
4- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-52239 | 0.00 | — | 0.00 | Feb 6, 2024 | The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport. | |||
| CVE-2005-0315 | 0.00 | — | 0.01 | Jan 27, 2005 | The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning. | |||
| CVE-2001-1448 | 0.00 | — | 0.01 | Dec 17, 2001 | Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts. |
- CVE-2023-52239Feb 6, 2024risk 0.00cvss —epss 0.00
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport.
- CVE-2005-0315Jan 27, 2005risk 0.00cvss —epss 0.01
The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.
- CVE-2001-1448Dec 17, 2001risk 0.00cvss —epss 0.01
Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.