3 matches found
CVE-2021-33523
MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController...
CVE-2021-33523
MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController...
CVE-2021-33523
MashZone NextGen (up to 10.7 GA) contains a vulnerability where a remote authenticated user with admin-console access can upload a JDBC driver via com.idsscheer.ppmmashup.business.jdbc.DriverUploadController, allowing execution of arbitrary commands on the underlying host. The Red Hat and NVD ent...