54 matches found
Audimex AG AudimexEE 跨站脚本漏洞
Audimex AG AudimexEE is a system for audit management from Audimex Ag, Germany. The system meets complex audit processes around a company's business, supports customization for use and is deployed platform-independently. A security vulnerability exists in Audimex AG AudimexEE v15.0, which is caus...
CVE-2023-39559
AudimexEE 15.0 was discovered to contain a full path disclosure vulnerability...
AudimexEE SQL Injection Vulnerability
AudimexEE is a system for audit management from Audimex AG, Germany. The system meets complex audit processes around the company's business, supports customization for use and is deployed platform-independently. A SQL injection vulnerability exists in the Documents component of AudimexEE versions...
AudimexEE Cross-Site Scripting Vulnerability
AudimexEE is an auditing software for large organizations. A cross-site scripting vulnerability exists in AudimexEE versions prior to 14.1.1, which allows remote attackers to perform web script or html injection via action, cargo, panel, leading to data leakage if the uniqueerrornumbers security...
CVE-2020-28115
SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...
CVE-2020-28115
SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...
CVE-2020-28047
AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...
CVE-2020-28047
AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...
Sql injection
SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...
Cross site scripting
AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...
CVE-2020-28115
SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...
CVE-2020-28115
AudimexEE’s CVE-2020-28115 is a SQL injection in the Documents component of version 14.1.0, exploitable via the object_path parameter. Multiple connected sources corroborate: CNVD-2020-65171 states the vulnerability exists in AudimexEE versions prior to 14.1.1, implying a fixed version is 14.1.1....
CVE-2020-28047
AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...
CVE-2020-28047
AudimexEE before 14.1.1 is vulnerable to Reflected XSS. If the security parameter unique_error_numbers is not set, remote attackers can inject script/HTML via action, cargo, panel parameters, potentially causing data leakage. Affected product: AudimexEE; vulnerable component/entry points are the ...