CVE-2006-0172
https://notcve.org/view.php?id=CVE-2006-0172
Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting. • http://secunia.com/advisories/18411 http://www.securenetwork.it/advisories/sn-2006-01.html http://www.securityfocus.com/archive/1/421392/100/0/threaded http://www.securityfocus.com/bid/16195 http://www.vupen.com/english/advisories/2006/0145 https://exchange.xforce.ibmcloud.com/vulnerabilities/24067 •
CVE-2006-0173 – Hummingbird Collaboration - Crafted URL File Property Obscuration Download
https://notcve.org/view.php?id=CVE-2006-0173
Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified doc_ext and id parameters, which might trick a user into downloading dangerous or unexpected content. • https://www.exploit-db.com/exploits/27061 http://secunia.com/advisories/18411 http://www.securenetwork.it/advisories/sn-2006-01.html http://www.securityfocus.com/archive/1/421392/100/0/threaded http://www.securityfocus.com/bid/16195 http://www.vupen.com/english/advisories/2006/0145 https://exchange.xforce.ibmcloud.com/vulnerabilities/24068 •
CVE-2006-0174 – Hummingbird Collaboration - Application Cookie Internal Network Information Disclosure
https://notcve.org/view.php?id=CVE-2006-0174
Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to obtain sensitive information (intranet IP addresses and enumerations of valid parameter values) via a direct request to hc, which reveals the information in an error message or a cookie. • https://www.exploit-db.com/exploits/27062 http://secunia.com/advisories/18411 http://securityreason.com/securityalert/328 http://www.securenetwork.it/advisories/sn-2006-01.html http://www.securityfocus.com/archive/1/421392/100/0/threaded http://www.securityfocus.com/bid/16195 http://www.vupen.com/english/advisories/2006/0145 https://exchange.xforce.ibmcloud.com/vulnerabilities/24069 •
CVE-2005-2599
https://notcve.org/view.php?id=CVE-2005-2599
Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial encoding) to store the user's password in the FTP profile, which allows attackers to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2005-08/0219.html http://secunia.com/advisories/16430 http://www.osvdb.org/18734 http://www.securityfocus.com/bid/14559 https://exchange.xforce.ibmcloud.com/vulnerabilities/21811 •
CVE-2005-1815 – Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1815
Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe). • https://www.exploit-db.com/exploits/16337 http://connectivity.hummingbird.com/support/nc/exceed/ftpd_advisory.html?cks=y http://connectivity.hummingbird.com/support/nc/exceed/lpdw_advisory.html http://secunia.com/advisories/15557 http://www.securityfocus.com/bid/13788 http://www.securityfocus.com/bid/13790 - •