10 matches found
EUVD-2022-48237
Malicious code in bioql PyPI...
CVE-2022-45338
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file...
Vulnerability fixed in Exact Synergy
A vulnerability has been fixed in Exact Synergy Enterprise. The vulnerability allows a malicious party to use Cross-Site Scripting XSS to execute arbitrary code under the rights of the user. A malicious party needs to be authenticated to be able to see within the application a profile picture, in...
CVE-2022-45338
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-45338
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-45338
The CVE-2022-45338 issue affects Exact Synergy Enterprise 267 (pre-267SP13) and 500 (pre-500SP6). It is an arbitrary file upload vulnerability in the profile picture upload function that permits executing arbitrary code via a crafted SVG file. Affected component: profile picture upload handler; r...
CVE-2022-45338
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-45338
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file...
Exact Synergy Enterprise 代码问题漏洞
Exact Synergy Enterprise is a platform from Dutch company Exact that handles all business processes and integrates them with ERP systems. A security vulnerability exists in Exact Synergy Enterprise versions prior to 267 267SP13 and Exact Synergy Enterprise versions prior to 500 500SP6, which stem...