Check CVE Id
Check CWE Id
anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service (disk consumption) by using the command to report updates more frequently and fill the web server error log.
Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.
Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface.
Back to Top