Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities by networkactiv

    CVE-2018-25235 (GCVE-0-2018-25235)

    Vulnerability from nvd – Published: 2026-03-30 11:02 – Updated: 2026-03-30 11:23
    VLAI
    Title
    NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS
    Summary
    NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding the expected buffer size through the Set username interface.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Networkactiv NetworkActiv Web Server Affected: 4.0 Pre-Alpha-3.7.2
    Create a notification for this product.
    Date Public
    2018-08-30 00:00
    Credits
    Victor Mondragón
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25235",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-30T11:22:45.919460Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-30T11:23:08.378Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NetworkActiv Web Server",
              "vendor": "Networkactiv",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0 Pre-Alpha-3.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Victor Mondrag\u00f3n"
            }
          ],
          "datePublic": "2018-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding the expected buffer size through the Set username interface."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-30T11:02:26.215Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-45302",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/45302"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.networkactiv.com/WebServer.html"
            },
            {
              "name": "Product Reference",
              "tags": [
                "product"
              ],
              "url": "https://www.networkactiv.com/Dev/"
            },
            {
              "name": "VulnCheck Advisory: NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/networkactiv-web-server-username-field-buffer-overflow-dos"
            }
          ],
          "title": "NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2018-25235",
        "datePublished": "2026-03-30T11:02:26.215Z",
        "dateReserved": "2026-03-30T11:00:34.259Z",
        "dateUpdated": "2026-03-30T11:23:08.378Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2006-0815 (GCVE-0-2006-0815)

    Vulnerability from nvd – Published: 2006-03-06 23:00 – Updated: 2024-08-07 16:48
    VLAI
    Summary
    NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-03-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:48:56.138Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16895",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16895"
              },
              {
                "name": "20060301 Secunia Research: NetworkActiv Web Server Script Source DisclosureVulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/426461/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2006-10/advisory"
              },
              {
                "name": "ADV-2006-0783",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0783"
              },
              {
                "name": "networkactiv-script-source-disclosure(24979)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24979"
              },
              {
                "name": "18947",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18947"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.networkactiv.com/WebServer.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a \"/\" (forward slash) after the file extension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16895",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16895"
            },
            {
              "name": "20060301 Secunia Research: NetworkActiv Web Server Script Source DisclosureVulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/426461/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2006-10/advisory"
            },
            {
              "name": "ADV-2006-0783",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0783"
            },
            {
              "name": "networkactiv-script-source-disclosure(24979)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24979"
            },
            {
              "name": "18947",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18947"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.networkactiv.com/WebServer.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0815",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a \"/\" (forward slash) after the file extension."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16895",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16895"
                },
                {
                  "name": "20060301 Secunia Research: NetworkActiv Web Server Script Source DisclosureVulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/426461/100/0/threaded"
                },
                {
                  "name": "http://secunia.com/secunia_research/2006-10/advisory",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2006-10/advisory"
                },
                {
                  "name": "ADV-2006-0783",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0783"
                },
                {
                  "name": "networkactiv-script-source-disclosure(24979)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24979"
                },
                {
                  "name": "18947",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18947"
                },
                {
                  "name": "http://www.networkactiv.com/WebServer.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.networkactiv.com/WebServer.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0815",
        "datePublished": "2006-03-06T23:00:00.000Z",
        "dateReserved": "2006-02-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:48:56.138Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2453 (GCVE-0-2005-2453)

    Vulnerability from nvd – Published: 2005-08-04 04:00 – Updated: 2024-08-07 22:29
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16301 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014624 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/14473 vdb-entryx_refsource_BID
    http://secunia.com/secunia_research/2005-31/advisory/ x_refsource_MISC
    http://www.osvdb.org/18525 vdb-entryx_refsource_OSVDB
    Date Public
    2005-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:29:59.716Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16301",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16301"
              },
              {
                "name": "1014624",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014624"
              },
              {
                "name": "networkactiv-xss(21696)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21696"
              },
              {
                "name": "14473",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14473"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2005-31/advisory/"
              },
              {
                "name": "18525",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18525"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16301",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16301"
            },
            {
              "name": "1014624",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014624"
            },
            {
              "name": "networkactiv-xss(21696)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21696"
            },
            {
              "name": "14473",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14473"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2005-31/advisory/"
            },
            {
              "name": "18525",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18525"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2453",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16301",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16301"
                },
                {
                  "name": "1014624",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014624"
                },
                {
                  "name": "networkactiv-xss(21696)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21696"
                },
                {
                  "name": "14473",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14473"
                },
                {
                  "name": "http://secunia.com/secunia_research/2005-31/advisory/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2005-31/advisory/"
                },
                {
                  "name": "18525",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18525"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2453",
        "datePublished": "2005-08-04T04:00:00.000Z",
        "dateReserved": "2005-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:29:59.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-25235 (GCVE-0-2018-25235)

    Vulnerability from cvelistv5 – Published: 2026-03-30 11:02 – Updated: 2026-03-30 11:23
    VLAI
    Title
    NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS
    Summary
    NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding the expected buffer size through the Set username interface.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Networkactiv NetworkActiv Web Server Affected: 4.0 Pre-Alpha-3.7.2
    Create a notification for this product.
    Date Public
    2018-08-30 00:00
    Credits
    Victor Mondragón
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25235",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-30T11:22:45.919460Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-30T11:23:08.378Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NetworkActiv Web Server",
              "vendor": "Networkactiv",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0 Pre-Alpha-3.7.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Victor Mondrag\u00f3n"
            }
          ],
          "datePublic": "2018-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding the expected buffer size through the Set username interface."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-30T11:02:26.215Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-45302",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/45302"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.networkactiv.com/WebServer.html"
            },
            {
              "name": "Product Reference",
              "tags": [
                "product"
              ],
              "url": "https://www.networkactiv.com/Dev/"
            },
            {
              "name": "VulnCheck Advisory: NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/networkactiv-web-server-username-field-buffer-overflow-dos"
            }
          ],
          "title": "NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2018-25235",
        "datePublished": "2026-03-30T11:02:26.215Z",
        "dateReserved": "2026-03-30T11:00:34.259Z",
        "dateUpdated": "2026-03-30T11:23:08.378Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2006-0815 (GCVE-0-2006-0815)

    Vulnerability from cvelistv5 – Published: 2006-03-06 23:00 – Updated: 2024-08-07 16:48
    VLAI
    Summary
    NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-03-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:48:56.138Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16895",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16895"
              },
              {
                "name": "20060301 Secunia Research: NetworkActiv Web Server Script Source DisclosureVulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/426461/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2006-10/advisory"
              },
              {
                "name": "ADV-2006-0783",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0783"
              },
              {
                "name": "networkactiv-script-source-disclosure(24979)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24979"
              },
              {
                "name": "18947",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18947"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.networkactiv.com/WebServer.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a \"/\" (forward slash) after the file extension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16895",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16895"
            },
            {
              "name": "20060301 Secunia Research: NetworkActiv Web Server Script Source DisclosureVulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/426461/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2006-10/advisory"
            },
            {
              "name": "ADV-2006-0783",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0783"
            },
            {
              "name": "networkactiv-script-source-disclosure(24979)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24979"
            },
            {
              "name": "18947",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18947"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.networkactiv.com/WebServer.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0815",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a \"/\" (forward slash) after the file extension."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16895",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16895"
                },
                {
                  "name": "20060301 Secunia Research: NetworkActiv Web Server Script Source DisclosureVulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/426461/100/0/threaded"
                },
                {
                  "name": "http://secunia.com/secunia_research/2006-10/advisory",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2006-10/advisory"
                },
                {
                  "name": "ADV-2006-0783",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0783"
                },
                {
                  "name": "networkactiv-script-source-disclosure(24979)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24979"
                },
                {
                  "name": "18947",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18947"
                },
                {
                  "name": "http://www.networkactiv.com/WebServer.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.networkactiv.com/WebServer.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0815",
        "datePublished": "2006-03-06T23:00:00.000Z",
        "dateReserved": "2006-02-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:48:56.138Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2453 (GCVE-0-2005-2453)

    Vulnerability from cvelistv5 – Published: 2005-08-04 04:00 – Updated: 2024-08-07 22:29
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16301 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014624 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/14473 vdb-entryx_refsource_BID
    http://secunia.com/secunia_research/2005-31/advisory/ x_refsource_MISC
    http://www.osvdb.org/18525 vdb-entryx_refsource_OSVDB
    Date Public
    2005-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:29:59.716Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16301",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16301"
              },
              {
                "name": "1014624",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014624"
              },
              {
                "name": "networkactiv-xss(21696)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21696"
              },
              {
                "name": "14473",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14473"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2005-31/advisory/"
              },
              {
                "name": "18525",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18525"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16301",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16301"
            },
            {
              "name": "1014624",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014624"
            },
            {
              "name": "networkactiv-xss(21696)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21696"
            },
            {
              "name": "14473",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14473"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2005-31/advisory/"
            },
            {
              "name": "18525",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18525"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2453",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16301",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16301"
                },
                {
                  "name": "1014624",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014624"
                },
                {
                  "name": "networkactiv-xss(21696)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21696"
                },
                {
                  "name": "14473",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14473"
                },
                {
                  "name": "http://secunia.com/secunia_research/2005-31/advisory/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2005-31/advisory/"
                },
                {
                  "name": "18525",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18525"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2453",
        "datePublished": "2005-08-04T04:00:00.000Z",
        "dateReserved": "2005-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:29:59.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }