OrbiTeam BSCW Server XSS / LFI / User Enumeration Vulnerabilities

OrbiTeam BSCW Server versions 5.0.x, 5.1.x, 5.2.4 and below, 7.3.x and below, and 7.4.3 and below suffer from path traversal, cross site scripting, HTTP header, session object manipulation, local file inclusion, and user enumeration vulnerabilities...

BSCW Server XML Injection Vulnerability

BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an XML tag injection vulnerability. ======================================================================= title: XML Tag injection product: BSCW Server vulnerable version:...

BSCW Server Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authenticated RCE product: BSCW Server vulnerable version: BSCW Server =5.0.11, =5.1.9, =5.2.3, =7.3.2, =7.4.2 fixed version: 5.0.12, 5.1.10, 5.2.4, 7.3.3, 7.4.3 CVE...

BSCW Server Remote Code Execution Vulnerability

BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability. ======================================================================= title: Authenticated RCE product: BSCW Server...

BSCW Server XML Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML Tag injection product: BSCW Server vulnerable version: BSCW Server...