← Back

Bigant Server

bigant_server

Vendor: Bigantsoft • 10 CVEs

CVEs (10)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-0364
1Bigantsoft
1Bigant Server
Sep 29, 2025
Feb 4, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through...Show more
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the attacker can upload and execute arbitrary PHP code using the "Cloud Storage Addin," leading to unauthenticated code execution.Show less
CVE-2022-26281
1Bigantsoft
1Bigant Server
Nov 21, 2024
Apr 5, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
CVE-2022-23352
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
CVE-2022-23350
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.
CVE-2022-23349
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
CVE-2022-23348
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
CVE-2022-23347
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
CVE-2022-23346
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
CVE-2022-23345
1Bigantsoft
1Bigant Server
Nov 21, 2024
Mar 21, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
CVE-2009-4661
1Bigantsoft
1Bigant Server
Apr 29, 2026
Mar 3, 2010
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim us...Show more
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.Show less