VYPR
Vendor

Sibsoft

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2019-18952CriNov 13, 2019
    risk 0.67cvss 9.8epss 0.45

    SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.

  • CVE-2019-18951HigNov 13, 2019
    risk 0.53cvss 7.5epss 0.20

    SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.

  • CVE-2006-1944Apr 20, 2006
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi.