Lucene search
+L

54 matches found

CNNVD
CNNVD
added 2023/08/29 12:0 a.m.4 views

Audimex AG AudimexEE 跨站脚本漏洞

Audimex AG AudimexEE is a system for audit management from Audimex Ag, Germany. The system meets complex audit processes around a company's business, supports customization for use and is deployed platform-independently. A security vulnerability exists in Audimex AG AudimexEE v15.0, which is caus...

6.1CVSS5.9AI score0.00416EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/08/29 12:0 a.m.10 views

CVE-2023-39559

AudimexEE 15.0 was discovered to contain a full path disclosure vulnerability...

7.2AI score0.00589EPSS
Exploits1References2
CNVD
CNVD
added 2020/11/06 12:0 a.m.3 views

AudimexEE SQL Injection Vulnerability

AudimexEE is a system for audit management from Audimex AG, Germany. The system meets complex audit processes around the company's business, supports customization for use and is deployed platform-independently. A SQL injection vulnerability exists in the Documents component of AudimexEE versions...

8.8CVSS8.5AI score0.00941EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/06 12:0 a.m.2 views

AudimexEE Cross-Site Scripting Vulnerability

AudimexEE is an auditing software for large organizations. A cross-site scripting vulnerability exists in AudimexEE versions prior to 14.1.1, which allows remote attackers to perform web script or html injection via action, cargo, panel, leading to data leakage if the uniqueerrornumbers security...

5.4CVSS6.6AI score0.0075EPSS
Exploits1References1
OSV
OSV
added 2020/11/05 3:15 p.m.5 views

CVE-2020-28115

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

8.8CVSS7.5AI score0.00941EPSS
Exploits0References1
NVD
NVD
added 2020/11/05 3:15 p.m.23 views

CVE-2020-28115

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

8.8CVSS9.2AI score0.00941EPSS
Exploits0References1
OSV
OSV
added 2020/11/05 3:15 p.m.5 views

CVE-2020-28047

AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...

5.4CVSS6.2AI score0.0075EPSS
Exploits1References1
NVD
NVD
added 2020/11/05 3:15 p.m.21 views

CVE-2020-28047

AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...

5.4CVSS5.4AI score0.0075EPSS
Exploits1References1
Prion
Prion
added 2020/11/05 3:15 p.m.14 views

Sql injection

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

6.5CVSS9.2AI score0.00941EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/11/05 3:15 p.m.14 views

Cross site scripting

AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...

3.5CVSS5.3AI score0.0075EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/05 2:58 p.m.24 views

CVE-2020-28115

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

9.2AI score0.00941EPSS
Exploits0References1
CVE
CVE
added 2020/11/05 2:58 p.m.48 views

CVE-2020-28115

AudimexEE’s CVE-2020-28115 is a SQL injection in the Documents component of version 14.1.0, exploitable via the object_path parameter. Multiple connected sources corroborate: CNVD-2020-65171 states the vulnerability exists in AudimexEE versions prior to 14.1.1, implying a fixed version is 14.1.1....

8.8CVSS9.2AI score0.00941EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/05 2:57 p.m.24 views

CVE-2020-28047

AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...

5.4AI score0.0075EPSS
Exploits1References1
CVE
CVE
added 2020/11/05 2:57 p.m.48 views

CVE-2020-28047

AudimexEE before 14.1.1 is vulnerable to Reflected XSS. If the security parameter unique_error_numbers is not set, remote attackers can inject script/HTML via action, cargo, panel parameters, potentially causing data leakage. Affected product: AudimexEE; vulnerable component/entry points are the ...

5.4CVSS5.3AI score0.0075EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder