Lucene search
K

199 matches found

NVD
NVD
added 2023/06/22 12:15 p.m.24 views

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

7.2CVSS7AI score0.00752EPSS
Exploits0References1
NVD
NVD
added 2023/06/22 12:15 p.m.35 views

CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

5.4CVSS5.6AI score0.00349EPSS
Exploits0References1
Prion
Prion
added 2023/06/22 12:15 p.m.16 views

Input validation

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

5.8CVSS6.9AI score0.00752EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/22 12:15 p.m.24 views

Cross site scripting

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

4.9CVSS5.6AI score0.00349EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/22 12:0 a.m.22 views

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

7.2AI score0.00752EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/22 12:0 a.m.12 views

CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

6.8AI score0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/22 12:0 a.m.30 views

CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

5.9AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.5 views

Sage Group Sage X3 跨站脚本漏洞

Sage Group Sage X3 is a software application from Sage Group UK. An enterprise resource planning ERP product developed for mature organizations. A security vulnerability exists in Sage X3 version 12.14.0.50-0, which arises from the fact that portions of the web application are dynamically...

5.4CVSS5.8AI score0.00349EPSS
Exploits0References3
CVE
CVE
added 2023/06/22 12:0 a.m.45 views

CVE-2023-31867

Sage X3 v12.14.0.50-0 is documented as vulnerable to CSV injection. The issue affects the Sage X3 software, with the root cause described in connected records as related to input validation (per PRION entry). The CVE entry notes CSV injection as the vulnerability, and Red Hat/CNNVD/NVD references...

7.2CVSS6.9AI score0.00752EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/22 12:0 a.m.51 views

CVE-2023-31868

CVE-2023-31868 concerns Sage X3 Web, version 12.14.0.50-0, with cross-site scripting (XSS) via unsanitized user input in parts of the web app that are dynamically built. The vulnerability is triggered when HTML/JavaScript code is injected into input fields that are not validated/filtered, and suc...

5.4CVSS5.6AI score0.00349EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.6 views

PT-2023-23497 · Sage · Sage X3

Name of the Vulnerable Software and Affected Versions: Sage X3 version 12.14.0.50-0 Description: The issue is related to CSV Injection. Recommendations: For Sage X3 version 12.14.0.50-0, at the moment, there is no information about a newer version that contains a fix for this issue...

7.2CVSS6.8AI score0.00752EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/22 12:0 a.m.11 views

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

6.9AI score0.00752EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.6 views

PT-2023-3640 · Sage · Sage X3

Name of the Vulnerable Software and Affected Versions: Sage X3 version 12.14.0.50-0 Description: The issue is related to Cross Site Scripting XSS in the Sage X3 Web application. Some parts of the application are dynamically built using user inputs, but these inputs are not verified or filtered,...

5.5CVSS5.7AI score0.00349EPSS
Exploits0References7
CNVD
CNVD
added 2022/07/27 12:0 a.m.25 views

WAVLINK WN579 X3 messages.txt Access Control Error Vulnerability

WAVLINK WN579 X3, a wireless router from WAVLINK China, is vulnerable to an access control error in WAVLINK WN579 X3 M79X3.V5030.191012. The vulnerability is caused by the failure to set reasonable access rights to the messages.txt file, which can be exploited to obtain critical information by...

7.5CVSS3AI score0.00861EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/25 10:15 p.m.2 views

CVE-2022-34570

WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page...

7.5CVSS5.9AI score0.00861EPSS
Exploits1References3
OSV
OSV
added 2022/07/25 10:15 p.m.2 views

CVE-2022-34570

WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page...

7.5CVSS5.8AI score0.00861EPSS
Exploits1References2
NVD
NVD
added 2022/07/25 10:15 p.m.18 views

CVE-2022-34570

WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page...

7.5CVSS0.00861EPSS
Exploits1References2
Prion
Prion
added 2022/07/25 10:15 p.m.16 views

Information disclosure

WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page...

5CVSS7.3AI score0.00861EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/07/25 9:37 p.m.70 views

CVE-2022-34570

CVE-2022-34570 concerns WAVLINK WN579 X3 (M79X3.V5030.191012) where an information leak allows attackers to obtain key information by accessing the vulnerable file, messages.txt. The root cause is an access control error or insufficient access rights handling on messages.txt, as described in mult...

7.5CVSS7.2AI score0.00861EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/25 12:0 a.m.5 views

PT-2022-22209 · Wavlink · Wavlink Wn579X3

Name of the Vulnerable Software and Affected Versions: WAVLINK WN579 X3 version M79X3.V5030.191012 Description: The issue allows attackers to obtain key information by accessing the "messages.txt" page, resulting in an information leak. Recommendations: For version M79X3.V5030.191012, consider...

7.5CVSS7.3AI score0.00861EPSS
Exploits1References4
Rows per page
Query Builder