10 matches found
EUVD-2018-2284
Malware in sbrugna...
EUVD-2018-2283
Malware in sbrugna...
EUVD-2018-2289
Malware in sbrugna...
Authorization
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization leading to creation of folders within another account via a modified device value...
CVE-2018-10208
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is anonymous reflected XSS on the error page via a /share/error?message= URI...
CVE-2018-10211
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultizesessionid" value in a cookie...
CVE-2018-10207
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format...
CVE-2018-10213
Vaultize Enterprise File Sharing 17.05.31 is affected by a cross-site scripting (XSS) vulnerability in the invitation mail flow, where a recipient from a different user can modify HTML in the mail before sending it. This enables potential XSS payloads if trusted HTML is rendered by the recipient’...
PT-2018-9755 · Vaultize · Vaultize Enterprise File Sharing
Name of the Vulnerable Software and Affected Versions: Vaultize Enterprise File Sharing version 17.05.31 Description: An issue was discovered that allows for Stored XSS on the file or folder download pop-up. This occurs via a crafted file or folder name. Recommendations: For Vaultize Enterprise...
PT-2018-9752 · Vaultize · Vaultize Enterprise File Sharing
Name of the Vulnerable Software and Affected Versions: Vaultize Enterprise File Sharing version 17.05.31 Description: An issue was discovered that allows for Stored XSS via the optional message field of a file request. Recommendations: For Vaultize Enterprise File Sharing version 17.05.31, consid...