PT-2024-13068 · Clarisa · Filemaker Server

Name of the Vulnerable Software and Affected Versions: FileMaker Server versions prior to 20.3.1 Description: The issue potentially exposed password information to front-end websites when signed in to the Admin Console with an administrator role. This was resolved by eliminating the send of Admin...

PT-2024-22034 · Clarisa · Filemaker Server

Name of the Vulnerable Software and Affected Versions: FileMaker Server versions prior to 20.3.2 Description: The issue potentially allowed unauthorized access to records stored in databases hosted on FileMaker Server. This was resolved by validating transactions before replying to client request...

CVE-2024-27794

Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...

CVE-2024-27794

Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...

CVE-2024-27794

Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...

CVE-2024-27794

Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...

CVE-2024-27794

CVE-2024-27794 affects Claris FileMaker Server versions prior to 20.3.2. The issue is a reflected Cross-Site Scripting vulnerability caused by an improperly handled parameter in the FileMaker WebDirect login endpoint. The impact is a potential XSS via the login flow; the fix is to upgrade to File...

PT-2024-22038 · Clarisa · Claris Filemaker Server

Name of the Vulnerable Software and Affected Versions: Claris FileMaker Server versions prior to 20.3.2 Description: The issue is related to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. This vulnerability was...

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in Claris FileMaker Server versions prior to 20.3.2 that stems from improper handling of parameters in the FileMaker WebDirect login...

CVE-2023-42954

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...

CVE-2023-42954

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...

CVE-2023-42954

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...

CVE-2023-42954

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...

CVE-2023-42954

CVE-2023-42954 describes a privilege-escalation vulnerability in FileMaker Server prior to 20.3.1. When signed in to the Admin Console with an administrator role, an attacker could potentially access more sensitive information via front-end websites. The issue is mitigated by the 20.3.1 update, w...

PT-2024-13067 · Clarisa · Filemaker Server

Name of the Vulnerable Software and Affected Versions: FileMaker Server versions prior to 20.3.1 Description: A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role...

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server versions prior to 20.3.1, which stems from an escalation of privilege issue that could potentially disclose...

CVE-2021-44147

An XML External Entity issue in Claris FileMaker Pro and Server including WebDirect before 19.4.1 allows a remote attacker to disclose local files via a crafted XML/Excel document and perform server-side request forgery attacks...

Claris FileMaker Pro 代码问题漏洞

Claris FileMaker Pro is a cross-platform relational database application from Claris USA. It integrates a database engine with a graphical user interface Gui and security features that allow users to modify the database, or tables, by dragging new elements onto layouts, screens. A security...

FileMaker server issue where PHP source code may be viewable

Overview FileMaker server contains an issue where PHP source code may be viewable when Custom Web Publishing with PHP is enabled. Atsushi Matsuo of Emic Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

JVN#91638315: FileMaker server issue where PHP source code may be viewable

FileMaker server contains an issue where PHP source code may be viewable when Custom Web Publishing with PHP is enabled. Impact PHP source code may be viewable. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected FileMake...