Filtered by vendor Redhat Subscriptions
Filtered by product Interchange Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-1138 1 Redhat 1 Interchange 2022-10-03 N/A
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
CVE-2020-12685 1 Redhat 1 Interchange 2020-05-18 6.1 Medium
XSS in the admin help system admin/help.html and admin/quicklinks.html in Interchange 4.7.0 through 5.11.x allows remote attackers to steal credentials or data via browser JavaScript.
CVE-2002-0874 1 Redhat 1 Interchange 2008-09-10 N/A
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.