Sage Group Sage 300 安全漏洞

Sage Group Sage 300 is a well-established closed-source Enterprise Resource Planning ERP solution from Sage Group UK designed to facilitate business management. A security vulnerability exists in Sage Group Sage 300 versions 2017 through 2022 6.4.x - 6.9.x that stems from a low-privileged Sage 30...

CVE-2023-2140

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application...

CVE-2023-2140

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application...

CVE-2023-2139

A reflected Cross-site Scripting XSS Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code...

CVE-2023-2141 Unsafe .NET object deserialization affecting DELMIA Apriso Release 2017 through Release 2022

An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution...

CVE-2023-2140 Server-Side Request Forgery vulnerability affecting DELMIA Apriso Release 2017 through Release 2022

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application...

Dassault Systèmes DELMIA Apriso 代码问题漏洞

Dassault Systèmes DELMIA Apriso is an interactive manufacturing application for digital enterprises from Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes DELMIA Apriso versions 2017 through 2022, which stems from the presence of a service area request forgery...

PT-2023-18182 · Dassault Systèmes · Delmia Apriso

Name of the Vulnerable Software and Affected Versions: DELMIA Apriso versions 2017 through 2022 Description: An unsafe .NET object deserialization could lead to post-authentication remote code execution. Recommendations: For DELMIA Apriso versions 2017 through 2022, update to a version that fixes...

PT-2023-3048 · Dassault Systèmes · Delmia Apriso

Name of the Vulnerable Software and Affected Versions: DELMIA Apriso versions Release 2017 through Release 2022 Description: The issue is related to a reflected Cross-site Scripting XSS vulnerability. This vulnerability can be exploited by a remote attacker to execute arbitrary script code,...

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the “JAWS webserver RCE”...