21 matches found
EUVD-2021-18884
Malware in sbrugna...
EUVD-2021-18883
Malware in sbrugna...
EUVD-2021-18885
Malware in sbrugna...
CVE-2021-32018
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory traversal...
CVE-2021-32017
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...
CVE-2021-32016
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem with user-controlled content via directory traversal, potentially leading to remote code and command execution...
JUMP path traversal vulnerability
JUMP is an asset management solution from the French company JUMP. version 3.6.0.04.009-2487 of JUMP AMS contains a security vulnerability that stems from the fact that the application allows arbitrary files to be written to a user-controlled location on a remote file system with user-controlled...
CVE-2021-32018
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory traversal...
CVE-2021-32018
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory traversal...
CVE-2021-32016
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem with user-controlled content via directory traversal, potentially leading to remote code and command execution...
CVE-2021-32016
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem with user-controlled content via directory traversal, potentially leading to remote code and command execution...
Directory traversal
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem with user-controlled content via directory traversal, potentially leading to remote code and command execution...
CVE-2021-32018
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory traversal...
CVE-2021-32018
CVE-2021-32018 affects Jump AMS 3.6.0.04.009-2487 and is due to an improper limitation of file loading on the server filesystem in the JUMP SOAP API, enabling arbitrary file reads (directory traversal). Public records list CVSS metrics: CVSSv3.1 base 6.5 (Network, Low complexity, Privileges Low, ...
CVE-2021-32016
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem with user-controlled content via directory traversal, potentially leading to remote code and command execution...
CVE-2021-32016
CVE-2021-32016 affects JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permits writing arbitrary files to a user-controlled location on the remote filesystem via directory traversal, potentially leading to remote code and command execution. The connected sources reiterate this description; no fu...
CVE-2021-32017
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...
CVE-2021-32017
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...
Design/Logic Flaw
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...
CVE-2021-32017
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...