Filtered by vendor Netwin
Subscriptions
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1714 | 1 Netwin | 1 Surgemail | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2000-0422 | 1 Netwin | 1 Dmail | 2025-04-03 | N/A |
| Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. | ||||
| CVE-2000-0423 | 1 Netwin | 1 Dnews | 2025-04-03 | N/A |
| Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag. | ||||
| CVE-2000-0609 | 1 Netwin | 2 Cwmail, Dmailweb | 2025-04-03 | N/A |
| NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter. | ||||
| CVE-2000-0608 | 1 Netwin | 2 Cwmail, Dmailweb | 2025-04-03 | N/A |
| NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost). | ||||
| CVE-2002-0290 | 1 Netwin | 1 Webnews | 2025-04-03 | N/A |
| Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. | ||||
| CVE-2000-0782 | 1 Netwin | 1 Netauth | 2025-04-03 | N/A |
| netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2002-0310 | 1 Netwin | 1 Webnews | 2025-04-03 | N/A |
| Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879. | ||||
| CVE-2001-0698 | 1 Netwin | 1 Surgeftp | 2025-04-03 | N/A |
| Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command. | ||||
| CVE-2001-1356 | 1 Netwin | 1 Surgeftp | 2025-04-03 | N/A |
| NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. | ||||
| CVE-2002-0273 | 1 Netwin | 1 Cwmail | 2025-04-03 | N/A |
| Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter. | ||||
| CVE-2005-0846 | 1 Netwin | 1 Surgemail | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. | ||||