36 matches found
EUVD-2019-7737
Malware in sbrugna...
EUVD-2019-7738
Malware in sbrugna...
EUVD-2019-7739
Malware in sbrugna...
CVE-2019-17326
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
CVE-2019-17322
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation via a POST request with the parameter set to the file path to be written. This can be an executable file that is written to in the arbitrary directory. User interaction is required to exploit this vulnerability in that...
CVE-2019-17325
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to upload arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx. That could lead to disclosure of sensitive information. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2019-17321
ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required...
CVE-2019-17323
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
ClipSoft REXPERT Arbitrary File Creation Vulnerability
ClipSoft REXPERT is a report generation program from ClipSoft Korea. An arbitrary file creation vulnerability exists in ClipSoft REXPERT. An attacker can exploit this vulnerability to create arbitrary files via a POST request...
ClipSoft REXPERT Directory Traversal Vulnerability
ClipSoft REXPERT is a report generation program from ClipSoft Korea. A directory traversal vulnerability exists in ClipSoft REXPERT. An attacker can exploit this vulnerability to access locations outside of a restricted directory...
ClipSoft REXPERT File Upload Vulnerability
ClipSoft REXPERT is a report generation program from ClipSoft Korea. A file upload vulnerability exists in ClipSoft REXPERT. The vulnerability can be exploited by an attacker to upload arbitrary local files and disclose sensitive information via ActiveX methods...
ClipSoft REXPERT XML Injection Vulnerability
ClipSoft REXPERT is a report generation program from ClipSoft Korea. An injection vulnerability exists in ClipSoft REXPERT XML. An attacker can exploit this vulnerability to create and execute arbitrary files via the report printing function...
ClipSoft REXPERT Information Disclosure Vulnerability
ClipSoft REXPERT is a report generation program from ClipSoft Korea. An information disclosure vulnerability exists in ClipSoft REXPERT. An attacker can exploit the vulnerability to disclose a user's name via the session file path of HTTP response data...
CVE-2019-17326
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
CVE-2019-17324
ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability ...
CVE-2019-17324
ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability ...
CVE-2019-17326
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
CVE-2019-17321
ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required...
CVE-2019-17323
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
CVE-2019-17321
ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required...