Lucene search
+L

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24942

Malware in sbrugna...

7.5CVSS7.5AI score0.00986EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:5 p.m.6 views

CVE-2021-37425

Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key...

9.1CVSS6.5AI score0.66278EPSS
Exploits4References1
Exploit DB
Exploit DB
added 2021/08/12 12:0 a.m.551 views

Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)

Exploit Title: Altova MobileTogether Server 7.3 - XML External Entity Injection XXE Date: 2021-08-10 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.altova.com/mobiletogether-server Version: 7.3 CVE: 2021-37425 Advisory: XML External Entity Expansion in MobileTogether Server...

9.1CVSS8.6AI score0.66278EPSS
Exploits4
NVD
NVD
added 2021/08/10 10:15 p.m.15 views

CVE-2021-38490

Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425...

7.5CVSS0.00986EPSS
Exploits0References1
Prion
Prion
added 2021/08/10 10:15 p.m.15 views

Privilege escalation

Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425...

5CVSS8.4AI score0.66278EPSS
Exploits4References1Affected Software1
Packet Storm
Packet Storm
added 2021/08/10 12:0 a.m.326 views

MobileTogether Server 7.3 XML Injection

Advisory: XML External Entity Expansion in MobileTogether Server RedTeam Pentesting discovered a vulnerability in the MobileTogether server which allows users with access to at least one app to read arbitrary, non-binary files from the file system and perform server-side requests. The vulnerabili...

0.1AI score0.66278EPSS
Exploits4
Rows per page
Query Builder