Lucene search
K

8 matches found

BDU FSTEC
BDU FSTEC
added 2023/11/20 12:0 a.m.7 views

The vulnerability of the Object Attribute Handler component in the cross-platform FTP server CrushFTP allows a hacker to execute arbitrary code.

The vulnerability of the Object Attribute Handler component in the cross-platform FTP server CrushFTP is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted requests containing AS2 headers...

10CVSS8.4AI score0.81801EPSS
Exploits7References4Affected Software1
Prion
Prion
added 2022/06/17 1:15 p.m.18 views

Xxe

ASG technologies A Rocket Software Company ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity XXE...

7.5CVSS9.3AI score0.01293EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2022/06/17 11:58 a.m.66 views

CVE-2021-45026

The CVE-2021-45026 entry concerns ASG-Zena Cross Platform Server Enterprise Edition 4.2.1, where multiple sources describe a Cross Site Scripting (XSS) vulnerability in the Web UI (ClientManager/Webconfig) arising from insufficient input filtering/escaping. Public records identify this as a store...

6.1CVSS6AI score0.0145EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2022/06/17 11:57 a.m.15 views

CVE-2021-45025

ASG technologies A Rocket Software Company ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie...

7.7AI score0.00674EPSS
Exploits3References3
CVE
CVE
added 2022/06/17 11:57 a.m.59 views

CVE-2021-45024

CVE-2021-45024 affects ASG-Zena Cross Platform Server Enterprise Edition 4.2.1. The connected documents describe an XML External Entity (XXE) vulnerability in the XML import handling that can lead to SSRF and data exfiltration via the server (endpoints such as oc_main/zenaweb/scheduler/operation)...

9.8CVSS9.4AI score0.01293EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/17 12:0 a.m.4 views

PT-2022-12290 · Asg · Asg-Zena Cross Platform Server Enterprise Edition

Name of the Vulnerable Software and Affected Versions: ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1 Description: The issue concerns an XML External Entity XXE problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world...

9.8CVSS9.3AI score0.01293EPSS
Exploits2References4
CNNVD
CNNVD
added 2022/06/17 12:0 a.m.3 views

ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 跨站脚本漏洞

ASG technologies ASG-Zena Cross Platform Server Enterprise Edition is a modern multi-platform workload automation solution from ASG technologies, Inc. A cross-site scripting vulnerability exists in ASG technologies ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1, which stems from...

6.1CVSS5.6AI score0.0145EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2022/06/17 12:0 a.m.3 views

PT-2022-12292 · Asg · Asg-Zena Cross Platform Server Enterprise Edition

Name of the Vulnerable Software and Affected Versions: ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1 Description: The issue is related to Cross Site Scripting XSS. No information is provided about the estimated number of potentially affected devices worldwide or real-world...

6.1CVSS5.9AI score0.0145EPSS
Exploits3References8
Rows per page
Query Builder