Lucene search
K

16 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-9044

Malware in sbrugna...

5.4CVSS5.5AI score0.00644EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-9045

Malware in sbrugna...

6.5CVSS6.6AI score0.01543EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-9043

Malware in sbrugna...

4.9CVSS5.2AI score0.00434EPSS
Exploits1References2
osv
osv
added 2019/04/18 6:29 p.m.4 views

CVE-2018-17289

An XML external entity XXE vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration .ZIP file within the Kofax/KFS/Admin/PackageService/package/uploa...

6.5CVSS5.9AI score0.01543EPSS
Exploits1References1
nvd
nvd
added 2019/04/18 6:29 p.m.15 views

CVE-2018-17287

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingvalue operation...

4.9CVSS5.2AI score0.00434EPSS
Exploits1References1
prion
prion
added 2019/04/18 6:29 p.m.12 views

Cross site scripting

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

3.5CVSS5.4AI score0.00644EPSS
Exploits1References1Affected Software1
osv
osv
added 2019/04/18 6:29 p.m.6 views

CVE-2018-17288

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

5.4CVSS5.8AI score0.00644EPSS
Exploits1References1
prion
prion
added 2019/04/18 6:29 p.m.17 views

Design/Logic Flaw

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingvalue operation...

4CVSS5.2AI score0.00434EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2019/04/18 6:29 p.m.20 views

CVE-2018-17289

An XML external entity XXE vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration .ZIP file within the Kofax/KFS/Admin/PackageService/package/uploa...

6.5CVSS6.2AI score0.01543EPSS
Exploits1References1
osv
osv
added 2019/04/18 6:29 p.m.6 views

CVE-2018-17287

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingvalue operation...

4.9CVSS5.8AI score0.00434EPSS
Exploits1References1
nvd
nvd
added 2019/04/18 6:29 p.m.13 views

CVE-2018-17288

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

5.4CVSS5.4AI score0.00644EPSS
Exploits1References1
prion
prion
added 2019/04/18 6:29 p.m.18 views

Xxe

An XML external entity XXE vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration .ZIP file within the Kofax/KFS/Admin/PackageService/package/uploa...

4CVSS6.2AI score0.01543EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2019/04/18 5:47 p.m.18 views

CVE-2018-17289

An XML external entity XXE vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration .ZIP file within the Kofax/KFS/Admin/PackageService/package/uploa...

6.2AI score0.01543EPSS
Exploits1References1
cvelist
cvelist
added 2019/04/18 5:42 p.m.18 views

CVE-2018-17288

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

5.5AI score0.00644EPSS
Exploits1References1
cvelist
cvelist
added 2019/04/18 5:29 p.m.22 views

CVE-2018-17287

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingvalue operation...

5.2AI score0.00434EPSS
Exploits1References1
cve
cve
added 2019/04/18 5:29 p.m.47 views

CVE-2018-17287

CVE-2018-17287 affects Kofax Front Office Server Administration Console (version 4.1.1.11.0.5212). The issue arises because some fields (e.g., passwords) are obfuscated in the front-end but can be exfiltrated via the back-end download feature (mfp.password downloadsettingvalue operation). This co...

4.9CVSS5.2AI score0.00434EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder