CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33035
https://notcve.org/view.php?id=CVE-2022-33035
XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. XLPD versiones v7.0.0094 y anteriores, contienen una vulnerabilidad de ruta de servicio no citada que permite a usuarios locales lanzar procesos con altos privilegios • https://github.com/ycdxsb/Vuln/blob/main/Xlpd-Unquoted-Service-Path/XLpd-Unquoted-Service-Path.md https://www.netsarang.com/en/xlpd-update-history • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2022-27965
https://notcve.org/view.php?id=CVE-2022-27965
Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Xlpd versiones v7.0.0094 y anteriores, contiene una vulnerabilidad de secuestro binario que permite a atacantes ejecutar código arbitrario por medio de un archivo .exe diseñado • https://github.com/ycdxsb/Vuln/tree/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xlpd-CreateProcessW-Misuse-Binary-Hijack https://www.netsarang.com/en/xlpd-update-history • CWE-428: Unquoted Search Path or Element •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2006-0148
https://notcve.org/view.php?id=CVE-2006-0148
NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number of connections from the same IP address. • http://securitytracker.com/id?1015444 http://www.ipomonis.com/advisories/xlpd.txt http://www.securityfocus.com/bid/16164 https://exchange.xforce.ibmcloud.com/vulnerabilities/24041 •