23 matches found
EUVD-2020-17729
Malware in sbrugna...
EUVD-2021-15617
Malware in sbrugna...
EUVD-2021-15616
Malware in sbrugna...
EUVD-2024-16113
Malicious code in bioql PyPI...
CVE-2020-25034
eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sortby, searchURL, or searchattachment parameter to the email search feature...
CVE-2024-0317
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows an attacker to send a specially crafted JavaScript payload via the 'type' and 'sfname' parameters to an authenticated user to retrieve their session details...
CVE-2024-0317
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows an attacker to send a specially crafted JavaScript payload via the 'type' and 'sfname' parameters to an authenticated user to retrieve their session details...
Cross site scripting
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows an attacker to send a specially crafted JavaScript payload via the 'type' and 'sfname' parameters to an authenticated user to retrieve their session details...
CVE-2024-0317
CVE-2024-0317 is an XSS vulnerability in FireEye EX 9.0.3.936727. The issue allows an attacker to send a crafted JavaScript payload via the parameters “type” and “s_f_name” to an authenticated user, enabling retrieval of the user’s session details. Supported by multiple sources in the provided do...
CVE-2024-0317 Cross-Site Scripting in FireEye EX
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows an attacker to send a specially crafted JavaScript payload via the 'type' and 'sfname' parameters to an authenticated user to retrieve their session details...
PT-2024-1470 · Fireeye · Fireeye Ex
Name of the Vulnerable Software and Affected Versions: FireEye EX version 9.0.3.936727 Description: The issue is related to Cross-Site Scripting XSS in FireEye EX. An attacker can exploit this by sending a specially crafted JavaScript payload via the type and s f name parameters to an authenticat...
CVE-2021-28970
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
CVE-2021-28969
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sortby parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3. NOTE: this is different from CVE-2020-25034 and affects newer versions of the...
CVE-2021-28970
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
Sql injection
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sortby parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3. NOTE: this is different from CVE-2020-25034 and affects newer versions of the...
Sql injection
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
CVE-2021-28970
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
CVE-2021-28970
CVE-2021-28970 concerns eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices. The vulnerability allows a remote authenticated user to perform a SQL injection through the job_id parameter in the email search feature. The underlying impact reported includes partial confidentiality...
CVE-2021-28969
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sortby parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3. NOTE: this is different from CVE-2020-25034 and affects newer versions of the...
Mainway FireEye EX SQL注入漏洞
Mainway FireEye EX is an all-in-one platform for enterprise security from Mainway, a China-based company. the FireEye® Central Management Platforms CM Series are a set of management platforms that consolidate the management, reporting, and data sharing of FireEye products into a single, easily...