17 matches found
CVE-2019-12163
GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via in a ws/gatshipWs.asmx/SqlVersion request...
EUVD-2019-3812
Malware in sbrugna...
EUVD-2019-2736
Malware in sbrugna...
GAT-Ship Web Module 1.30 Information Disclosure Vulnerability
Exploit for multiple platform in category web applications GAT-Ship Web Module 1.30 - Unauthenticated Information Disclosure Vulnerability It is possible in versions 1.30 and below for unauthenticated attackers to query the GAT-Ship Web Module for system information via a crafted request: PoC:...
CVE-2019-12163
GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via in a ws/gatshipWs.asmx/SqlVersion request...
CVE-2019-12163
GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via in a ws/gatshipWs.asmx/SqlVersion request...
Cross site request forgery (csrf)
GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via in a ws/gatshipWs.asmx/SqlVersion request...
CVE-2019-12163
GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via in a ws/gatshipWs.asmx/SqlVersion request...
CVE-2019-12163
GAT-Ship Web Module prior to 1.31 is vulnerable to information disclosure via the ws/gatshipWs.asmx/SqlVersion endpoint. The root cause is exposure of potentially sensitive data through that API call. Affected versions: earlier than 1.31. Remediation: upgrade to 1.31 or later; as a temporary cont...
GAT-Ship Web Module 1.30 Information Disclosure
GAT-Ship Web Module 1.30 - Unauthenticated Information Disclosure Vulnerability It is possible in versions 1.30 and below for unauthenticated attackers to query the GAT-Ship Web Module for system information via a crafted request: PoC:...
PT-2019-12672 · Gat · Gat-Ship Web Module
Name of the Vulnerable Software and Affected Versions: GAT-Ship Web Module versions prior to 1.31 Description: The issue allows remote attackers to obtain potentially sensitive information. This is achieved via a request to the "ws/gatshipWs.asmx/SqlVersion" API endpoint. Recommendations: For...
GAT-Ship Web Module Unrestricted File Upload Vulnerability
Exploit for asp platform in category web applications GAT-Ship Web Module before the current version 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx" Fix: Upgrad...
CVE-2019-11028
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx"...
CVE-2019-11028
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx"...
Design/Logic Flaw
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx"...
CVE-2019-11028
GAT-Ship Web Module is vulnerable to an authenticated unrestricted file upload in the Documents area (uploadDocFile.aspx) on versions before 1.40. The root cause is an improper validation allowing uploading of any file type to the server, enabling potential arbitrary content handling. There is no...
CVE-2019-11028
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx"...