Axiom Security Vulnerabilities

CVE-2023-42128

Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must...

CVE-2012-2455

Advanced Productivity Software DTE Axiom before 12.3.3 does not validate the registration ID, which allows remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified...

CVE-2015-5462

AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard...

CVE-2015-5384

AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation...

CVE-2015-5463

AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a...

CVE-2014-1640

axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new...

CVE-2007-0200

PHP remote file inclusion vulnerability in template.php in Geoffrey Golliher Axiom Photo/News Gallery (axiompng) 0.8.6 allows remote attackers to execute arbitrary PHP code via a URL in the baseAxiomPath...