Sawmill 5.0.21

CPE Details

Sawmill 5.0.21
sawmill
sawmill
5.0.21
2010-03-24
18h07 +00:00
2013-07-31
23h31 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:sawmill:sawmill:5.0.21:*:*:*:*:*:*:*

Informations

Vendor

sawmill

Product

sawmill

Version

5.0.21

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-4947 2013-07-29 21h00 +00:00 Unspecified vulnerability in the update and build database page in Sawmill before 8.6.3 allows remote attackers to have unknown impact and attack vectors.
7.5
CVE-2010-1079 2010-03-23 19h00 +00:00 Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
CVE-2005-1900 2005-06-08 02h00 +00:00 Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license.
7.5
CVE-2005-1901 2005-06-08 02h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) the username in the Add User window or (2) the license key in the Licensing page.
4.3
CVE-2000-0588 2000-10-13 02h00 +00:00 SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
5
CVE-2000-0589 2000-07-19 02h00 +00:00 SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
7.5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.