10 matches found
CVE-2023-33284
Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote attacker authenticated as any user is able to execute code in context of the web server...
CVE-2023-33283
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key...
Marval MSM 代码问题漏洞
Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM that stems from the presence of a remote code execution vulnerability. An attacker could exploit the vulnerability to execute code in the context of a web server. Affected...
Marval MSM 安全漏洞
Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM that stems from the presence of a system account with default credentials that allows an attacker to log in and create a valid session. Affected products and versions: Marval M...
CVE-2022-31885
Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts...
Marval MSM 操作系统命令注入漏洞
Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM version v14.19.0.12476, which stems from insecure handling of VBScript, resulting in vulnerability to operating system command injection...
Marval MSM 安全漏洞
Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM version v14.19.0.12476. An attacker has exploited the vulnerability to delete other users API keys...
Marval MSM 安全漏洞
Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM version v14.19.0.12476. An attacker has exploited the vulnerability to achieve elevation of privilege, which can be used to change the passwords of other users...
Marval MSM 跨站请求伪造漏洞
Marval MSM is an innovative IT service management software from Marval UK. The Marval MSM v14.19.0.12476 release has a cross-site request forgery vulnerability that can be exploited by an attacker to disable 2FA by sending a malicious form to a user...
Marval MSM 14.19.0.12476 Remote Code Execution
Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed...