VYPR
Vendor

New Atlanta Communications

Products
5
CVEs
7
Across products
10
Status
Private

Products

5

Recent CVEs

7
  • CVE-2014-5370Apr 21, 2015
    risk 0.04cvss epss 0.08

    Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.

  • CVE-2006-2310Jun 26, 2006
    risk 0.04cvss epss 0.07

    BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of service (hang) via a request for a .cfm file whose name contains an MS-DOS device name such as (1) con, (2) aux, (3) com1, and (4) com2.

  • CVE-2002-0892Oct 4, 2002
    risk 0.04cvss epss 0.08

    The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

  • CVE-2002-0893Oct 4, 2002
    risk 0.04cvss epss 0.08

    Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.

  • CVE-2002-0894Oct 4, 2002
    risk 0.03cvss epss 0.03

    NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.

  • CVE-2011-2078May 10, 2011
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2006-2311Jun 26, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to inject arbitrary web script or HTML via the filename in a request to a (1) .cfm or (2) .cfml file, which reflects the result in the default error page.