← Back

Ipswitch

ipswitch

109 CVEs • 26 products

Products (26)

Click to collapse
Toggle
Imail
imail
38 CVEs
Ws Ftp Server
ws_ftp_server
13 CVEs
Ipswitch Collaboration Suite
ipswitch_collaboration_suite
13 CVEs
Imail Server
imail_server
12 CVEs
Ws Ftp
ws_ftp
8 CVEs
Whatsup Professional
whatsup_professional
7 CVEs
Ws Ftp Pro
ws_ftp_pro
6 CVEs
Moveit Dmz
moveit_dmz
5 CVEs
Whatsup
whatsup
3 CVEs
Imserver
imserver
3 CVEs
Instant Messaging
instant_messaging
3 CVEs
Moveit Mobile
moveit_mobile
3 CVEs
Moveit Transfer
moveit_transfer
3 CVEs
Imail Plus
imail_plus
2 CVEs
Ws Ftp Home
ws_ftp_home
2 CVEs
Wincom Lpd
wincom_lpd
1 CVE
Whatsup Gold
whatsup_gold
1 CVE
Imail Express
imail_express
1 CVE
Whatsup Small Business
whatsup_small_business
1 CVE
Ipswitch Secure Server
ipswitch_secure_server
1 CVE
Imail Secure Server
imail_secure_server
1 CVE
Imail Premium
imail_premium
1 CVE
Imail Client
imail_client
1 CVE
Tftp Server
tftp_server
1 CVE
Moveit Transfer 2017
moveit_transfer_2017
1 CVE
Moveit
moveit
1 CVE

CVEs (109)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-0666
1Ipswitch
1Ws Ftp Server
Apr 23, 2026
Feb 2, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module.
CVE-2007-0665
1Ipswitch
1Ws Ftp Pro
Apr 23, 2026
Feb 2, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP scri...Show more
Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command.Show less
CVE-2007-0330
1Ipswitch
1Ws Ftp Pro
Apr 23, 2026
Jan 18, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:/...Show more
Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors.Show less
CVE-2006-5001
2Ipswitch
Progress
2Ws Ftp Server
Ws Ftp Server
Apr 16, 2026
Sep 26, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary t...Show more
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.Show less
CVE-2006-5000
2Ipswitch
Progress
2Ws Ftp Server
Ws Ftp Server
Apr 16, 2026
Sep 26, 2006
N/A· v4
N/A· v3
6.5 MEDIUM· v2
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. N...Show more
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.Show less
CVE-2006-4974
1Ipswitch
1Ws Ftp Server
Apr 16, 2026
Sep 25, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
CVE-2006-4847
2Ipswitch
Progress
2Ws Ftp Server
Ws Ftp Server
Apr 16, 2026
Sep 19, 2006
N/A· v4
N/A· v3
6.5 MEDIUM· v2
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
CVE-2006-4379
1Ipswitch
3Imail Plus
Imail Secure ServerIpswitch Collaboration Suite
Apr 16, 2026
Sep 8, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string l...Show more
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.Show less
CVE-2006-3552
1Ipswitch
2Ipswitch Collaboration Suite
Ipswitch Secure Server
Apr 16, 2026
Jul 13, 2006
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implem...Show more
Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission.Show less
CVE-2006-2531
1Ipswitch
1Whatsup
Apr 16, 2026
May 22, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswit...Show more
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole".Show less
CVE-2006-2357
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp.
CVE-2006-2356
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain sensitive information about network nodes via a modified nDeviceGroupID parame...Show more
NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter.Show less
CVE-2006-2355
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote attackers to obtain full path information via 404 error messages. NOTE: the provenance of this information is unknown; the...Show more
Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote attackers to obtain full path information via 404 error messages. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2006-2354
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the pr...Show more
NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2006-2353
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl p...Show more
NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters.Show less
CVE-2006-2352
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmC...Show more
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2006-2351
1Ipswitch
1Whatsup Professional
Apr 16, 2026
May 15, 2006
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2)...Show more
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp.Show less
CVE-2006-0911
1Ipswitch
1Whatsup
Apr 16, 2026
Feb 28, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameter...Show more
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.Show less
CVE-2005-3526
1Ipswitch
1Ipswitch Collaboration Suite
Apr 16, 2026
Dec 31, 2005
N/A· v4
N/A· v3
6.5 MEDIUM· v2
Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command.
CVE-2005-1939
1Ipswitch
1Whatsup Small Business
Apr 16, 2026
Dec 31, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in a request to the Report service (TCP 8022).