bigantsoft 漏洞與 CVE 列表(17)

產品(CPE): — CVE 數: 17

bigantsoft 漏洞概覽

彙總 bigantsoft 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 SQL 注入、跨站腳本與CSRF 相關,可能在 軟體部署與生產負載 場景中帶來 資料外洩與檔案覆寫 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11717 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-0364 BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the attacker can upload and execute arbitrary PHP code using the "Cloud Storage Addin," leading to unauthenticated code execution. [email protected] 9.8 1.90% 2025-02-04 2026-06-17
CVE-2024-54761 BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter. [email protected] 6.3 1.73% 2025-01-09 2026-06-17
CVE-2021-43430 An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files. [email protected] 8.8 1.06% 2022-04-07 2026-06-17
CVE-2022-26281 BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. [email protected] 7.5 1.06% 2022-04-04 2026-07-04
CVE-2022-23352 An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). [email protected] 7.5 2.01% 2022-03-21 2026-07-04
CVE-2022-23350 BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability. [email protected] 5.4 0.79% 2022-03-21 2026-07-04
CVE-2022-23349 BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). [email protected] 8.8 0.71% 2022-03-21 2026-07-04
CVE-2022-23348 BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. [email protected] 5.3 3.38% 2022-03-21 2026-07-04
CVE-2022-23347 BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. [email protected] 7.5 13.12% 2022-03-21 2026-07-04
CVE-2022-23346 BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. [email protected] 8.8 1.62% 2022-03-21 2026-07-04
CVE-2022-23345 BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. [email protected] 7.5 1.74% 2022-03-21 2026-07-04
CVE-2012-6275 Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request. [email protected] 10.0 46.50% 2013-02-24 2026-06-16
CVE-2012-6274 BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors. [email protected] 5.0 46.87% 2013-02-24 2026-06-16
CVE-2012-6273 SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request. [email protected] 7.5 1.26% 2013-02-24 2026-06-16
CVE-2009-4661 Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. [email protected] 4.3 2.10% 2010-03-03 2026-06-16
CVE-2009-4660 Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660. [email protected] 10.0 62.12% 2010-03-03 2026-06-16
CVE-2008-1914 Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information. [email protected] 10.0 73.72% 2008-04-22 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence