Lucene search
+L

46 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-22979

Malware in sbrugna...

8.8CVSS8.6AI score0.03975EPSS
Exploits3References5
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-25633

Malware in sbrugna...

8.8CVSS8.6AI score0.03679EPSS
Exploits3References5
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-2339

Malware in sbrugna...

5CVSS6.2AI score0.02253EPSS
Exploits3References5
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0095

Malware in sbrugna...

7.5CVSS6.4AI score0.0279EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0094

Malware in sbrugna...

7.5CVSS6.4AI score0.03287EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0955

Malware in sbrugna...

6.4CVSS6.4AI score0.02025EPSS
Exploits0References6
redhatcve
redhatcve
added 2025/05/22 9:13 p.m.8 views

CVE-2021-36359

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution RCE via XML tag injection because reportlab\platypus\paraparser.py reached via bscw.cgi op=editfolder.EditFolder calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and...

8.8CVSS7.9AI score0.03975EPSS
Exploits3References1
redhatcve
redhatcve
added 2025/05/22 8:44 p.m.4 views

CVE-2021-39271

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution RCE during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3...

8.8CVSS7.8AI score0.03679EPSS
Exploits3References1
zdt
zdt
added 2021/12/04 12:0 a.m.505 views

OrbiTeam BSCW Server XSS / LFI / User Enumeration Vulnerabilities

OrbiTeam BSCW Server versions 5.0.x, 5.1.x, 5.2.4 and below, 7.3.x and below, and 7.4.3 and below suffer from path traversal, cross site scripting, HTTP header, session object manipulation, local file inclusion, and user enumeration vulnerabilities...

7AI score
Exploits0
packetstorm
packetstorm
added 2021/08/31 12:0 a.m.283 views

BSCW Server XML Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML Tag injection product: BSCW Server vulnerable version: BSCW Server...

0.1AI score0.03975EPSS
Exploits3
packetstorm
packetstorm
added 2021/08/31 12:0 a.m.213 views

BSCW Server Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authenticated RCE product: BSCW Server vulnerable version: BSCW Server =5.0.11, =5.1.9, =5.2.3, =7.3.2, =7.4.2 fixed version: 5.0.12, 5.1.10, 5.2.4, 7.3.3, 7.4.3 CVE...

0.1AI score0.03679EPSS
Exploits3
zdt
zdt
added 2021/08/31 12:0 a.m.281 views

BSCW Server XML Injection Vulnerability

BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an XML tag injection vulnerability. ======================================================================= title: XML Tag injection product: BSCW Server vulnerable version:...

8.8CVSS0.03975EPSS
Exploits3
zdt
zdt
added 2021/08/31 12:0 a.m.287 views

BSCW Server Remote Code Execution Vulnerability

BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability. ======================================================================= title: Authenticated RCE product: BSCW Server...

8.8CVSS0.8AI score0.03679EPSS
Exploits3
osv
osv
added 2021/08/30 5:15 a.m.9 views

CVE-2021-36359

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution RCE via XML tag injection because reportlab\platypus\paraparser.py reached via bscw.cgi op=editfolder.EditFolder calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and...

8.8CVSS6.3AI score0.03975EPSS
Exploits3References3
nvd
nvd
added 2021/08/30 5:15 a.m.16 views

CVE-2021-39271

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution RCE during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3...

8.8CVSS0.03679EPSS
Exploits3References3
nvd
nvd
added 2021/08/30 5:15 a.m.39 views

CVE-2021-36359

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution RCE via XML tag injection because reportlab\platypus\paraparser.py reached via bscw.cgi op=editfolder.EditFolder calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and...

8.8CVSS0.03975EPSS
Exploits3References3
prion
prion
added 2021/08/30 5:15 a.m.17 views

Remote code execution

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution RCE via XML tag injection because reportlab\platypus\paraparser.py reached via bscw.cgi op=editfolder.EditFolder calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and...

6.5CVSS8.9AI score0.03975EPSS
Exploits3References3Affected Software1
attackerkb
attackerkb
added 2021/08/30 5:15 a.m.5 views

CVE-2021-36359

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution RCE via XML tag injection because reportlab\platypus\paraparser.py reached via bscw.cgi op=editfolder.EditFolder calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and...

8.8CVSS6.2AI score0.03975EPSS
Exploits3References4
prion
prion
added 2021/08/30 5:15 a.m.14 views

Design/Logic Flaw

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution RCE during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3...

6.5CVSS8.7AI score0.03679EPSS
Exploits3References3Affected Software1
cvelist
cvelist
added 2021/08/30 4:58 a.m.38 views

CVE-2021-39271

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution RCE during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3...

9AI score0.03679EPSS
Exploits3References3
Rows per page
Query Builder