19 matches found
EUVD-2021-14861
Malware in sbrugna...
EUVD-2021-14862
Malware in sbrugna...
CVE-2021-28173
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login...
CVE-2021-28172
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
CVE-2021-28171
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
CVE-2021-28171
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
CVE-2021-28173
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login...
CVE-2021-28172
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
Design/Logic Flaw
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
Path traversal
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
CVE-2021-28173
CVE-2021-28173 affects Vangene deltaFlow E-platform. The vulnerability is an unauthorized file upload due to improper access control, enabling remote attackers to upload and execute arbitrary files without authentication. Supported by multiple connected sources (NVD entry and regional disclosures...
CVE-2021-28173 Vangene deltaFlow E-platform - Arbitrary File Upload
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login...
CVE-2021-28172
CVE-2021-28172 describes a path traversal vulnerability in the file download function of Vangene deltaFlow E-platform. The underlying issue allows remote attackers to access credential data through the download mechanism. The entry cites a network-accessible vector with low attack complexity and ...
CVE-2021-28171
The CVE-2021-28171 entry concerns the Vangene deltaFlow E-platform. The vulnerability stems from improper protective measures that allow remote attackers to obtain privileged permissions by tampering with users’ cookie data. Affected component: cookie-based session/authorization data handling in ...
CVE-2021-28171 Vangene deltaFlow E-platform - Broken Authentication
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
CVE-2021-28172 Vangene deltaFlow E-platform - Path Traversal
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
Vangene deltaFlow E-platform 安全漏洞
The Vangene deltaFlow E-platform is an application system from Vangene, China. Standard forms can be set up quickly in less than five minutes. A security vulnerability exists in the Vangene deltaFlow E-platform, which can be exploited by an attacker to remotely gain privileged access by tampering...
Vangene deltaFlow E-platform 代码问题漏洞
The Vangene deltaFlow E-platform is an application system from Vangene, China. Standard forms can be set up quickly in less than five minutes. A code issue exists in Vangene deltaFlow E-platform, which is caused by the upload function not being properly access controlled. A remote attacker can...
Vangene deltaFlow E-platform 路径遍历漏洞
The Vangene deltaFlow E-platform is an application system from Vangene, China. Standard forms can be set up quickly in less than five minutes. A path traversal vulnerability exists in Vangene deltaFlow E-platform, which can be exploited by remote attackers to access credential data...