3 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/488684 http://www.procheckup.com/security_info/vuln_pr0305.html http://www.securityfocus.com/bid/8815 https://exchange.xforce.ibmcloud.com/vulnerabilities/13399 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/989580 http://www.procheckup.com/security_info/vuln_pr0302.html https://exchange.xforce.ibmcloud.com/vulnerabilities/13397 •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0

Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/715548 http://www.procheckup.com/security_info/vuln_pr0303.html http://www.securityfocus.com/bid/8816 https://exchange.xforce.ibmcloud.com/vulnerabilities/13398 •