4 matches found
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability,...
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability,...
Progress MOVEit Transfer < 2020.1.11 / 2021.0 < 2021.0.9 / 2021.1 < 2021.1.7 / 2022.0 < 2022.0.7, 2022.1 < 2022.1.8 / 2023.0 < 2023.0.4 Multiple Vulnerabilities (July 2023)
The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is prior to 2020.1.11 / 2021.0 2021.0.9 / 2021.1 2021.1.7 / 2022.0 2022.0.7, 2022.1 2022.1.8 / 2023.0 2023.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in Progress...
CVE-2023-36932
MOVEit Transfer contains CVE-2023-36932, a SQL injection vulnerability in the web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database by submitting crafted payloads to an application endpoint. Affected versions include pre-2020.1.11 (...