55 matches found
CVE-2023-6718
The CVE-2023-6718 entry concerns an authentication bypass in Repox . Multiple connected sources describe a vulnerability where a remote attacker can send a specially crafted POST request without any authentication, leading to the alteration or creation of users in Repox. The primary affected comp...
CVE-2023-6718 Authentication Bypass Using an Alternate Path or Channel in Repox
An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users...
PT-2023-36082 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: A path traversal issue has been detected, allowing an attacker to read arbitrary files on the server. This could lead to the disclosure of sensitive information, including application code,...
Repox Code Issues Vulnerabilities
Repox is a framework for managing data spaces from Repox. A code issue vulnerability exists in Repox 2.3.7 and prior versions that stems from an arbitrary file upload vulnerability...
Repox Security Vulnerability
Repox is a framework for managing data spaces from Repox. A security vulnerability exists in Repox 2.3.7 and earlier versions, which stems from the presence of a path traversal vulnerability. The vulnerability can be exploited by an attacker to read arbitrary files on the server, thereby disclosi...
Repox Code Issues Vulnerabilities
Repox is a framework for managing data spaces from Repox. A code issue vulnerability exists in Repox 2.3.7 and earlier versions, which stems from the presence of an XML External Entity Injection XXE vulnerability. An attacker can exploit this vulnerability to upload malicious XML data via the...
Repox Cross-Site Scripting Vulnerability
Repox is a framework for managing dataspaces from Repox, Inc. A cross-site scripting vulnerability exists in Repox 2.3.7 and earlier versions, which stems from the presence of a stored cross-site scripting XSS vulnerability...
Repox Security Vulnerability
Repox is a framework for managing data spaces from Repox, Inc. A security vulnerability exists in Repox 2.3.7 and earlier versions that stems from the presence of an authentication bypass vulnerability. An attacker can exploit the vulnerability by sending a crafted POST request to change or creat...
PT-2023-36080 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: A stored XSS issue has been identified, allowing a local attacker to store a specially crafted JavaScript payload on the server due to insufficient sanitisation of field elements. This enable...
PT-2023-36079 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: A security issue has been identified that allows an attacker to compromise interactions between a user and the vulnerable application. This can be exploited by sending a specially crafted...
PT-2023-36081 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: A vulnerability has been found that allows a remote attacker to interfere with the application's XML data processing in the fileupload function. This results in interaction between the attack...
PT-2023-36078 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: An authentication bypass issue has been found, allowing a remote user to send a specially crafted POST request to alter or create users due to the lack of any authentication method...
PT-2023-32750 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: A path traversal vulnerability has been detected, allowing an attacker to read arbitrary files on the running server. This results in the disclosure of sensitive information, including...
PT-2023-32749 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: An XEE vulnerability has been found in Repox, allowing a remote attacker to interfere with the application's XML data processing in the fileupload function. This results in interaction betwee...
Repox Cross-Site Scripting Vulnerability
Repox is a framework for managing dataspaces from Repox. A cross-site scripting vulnerability exists in Repox 2.3.7 and earlier versions, which stems from the presence of a cross-site scripting XSS vulnerability...