24 matches found
EUVD-2019-5903
Malware in sbrugna...
EUVD-2019-5902
Malware in sbrugna...
EUVD-2019-5905
Malware in sbrugna...
CVE-2019-14765
Incorrect Access Control in AfficheExplorateurParam in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers...
CVE-2019-14767
In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence dossier=../ and servletrecuperefichier document=../ allows an unauthenticated user to download arbitrary files from the server...
CVE-2019-14766
Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to browse the server filesystem...
CVE-2019-14768
An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges...
CVE-2019-14765
Incorrect Access Control in AfficheExplorateurParam in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers...
CVE-2019-14766
Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to browse the server filesystem...
CVE-2019-14767
In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence dossier=../ and servletrecuperefichier document=../ allows an unauthenticated user to download arbitrary files from the server...
CVE-2019-14768
An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges...
CVE-2019-14765
Incorrect Access Control in AfficheExplorateurParam in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers...
CVE-2019-14768
An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges...
Path traversal
In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence dossier=../ and servletrecuperefichier document=../ allows an unauthenticated user to download arbitrary files from the server...
Improper access control
Incorrect Access Control in AfficheExplorateurParam in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers...
Path traversal
An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges...
Path traversal
Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to browse the server filesystem...
CVE-2019-14768
CVE-2019-14768 affects DIMO YellowBox CRM prior to 6.3.4. An authenticated user can exploit an Arbitrary File Upload in the file browser to deploy a WebApp WAR to the Tomcat server via Path Traversal, enabling remote code execution with SYSTEM privileges. The vulnerability stems from improper val...
CVE-2019-14767
In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence dossier=../ and servletrecuperefichier document=../ allows an unauthenticated user to download arbitrary files from the server...
CVE-2019-14767
In DIMO YellowBox CRM prior to version 6.3.4, a Path Traversal vulnerability exists in images/Apparence (dossier=../) and servletrecuperefichier (document=../) that allows an unauthenticated user to download arbitrary files from the server. Affected component: the application’s file retrieval pat...