14 matches found
EUVD-2023-41196
Malicious code in bioql PyPI...
CVE-2023-37290
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows...
CVE-2023-37290
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows...
Server side request forgery (ssrf)
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows...
CVE-2023-37290 InfoDoc Document On-line Submission and Approval System - Server-Side Request Forgery (SSRF)
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows...
CVE-2023-37290
InfoDoc Document On-line Submission and Approval System is affected by CVE-2023-37290 due to insufficient restrictions on HTML tags in its HTML-to-PDF conversion, enabling unauthenticated SSRF via resources loaded through tags like iframe. This could allow remote attackers to access arbitrary sys...
CVE-2023-37290 InfoDoc Document On-line Submission and Approval System - Server-Side Request Forgery (SSRF)
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows...
CVE-2023-37289
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...
Design/Logic Flaw
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...
CVE-2023-37289
This CVE (CVE-2023-37289) affects InfoDoc Document On-line Submission and Approval System (versions 22547, 22567) and concerns an Unrestricted Upload of File with Dangerous Type in the file uploading function. The root cause is a permissive file upload mechanism that allows an unauthenticated rem...
CVE-2023-37289 InfoDoc Document On-line Submission and Approval System - Arbitrary File Upload
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...
PT-2023-25886 · Unknown · Infodoc Document On-Line Submission/Approval System
Name of the Vulnerable Software and Affected Versions: InfoDoc Document On-line Submission and Approval System versions 22547, 22567 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type in the file uploading function. This allows an unauthenticated remote attack...
InfoDoc Document On-line Submission and Approval System 代码问题漏洞
The InfoDoc Document On-line Submission and Approval System is an online submission and approval system for documents from InfoDoc, Inc. The InfoDoc Document On-line Submission and Approval System is vulnerable to a code issue that originates from a Server Request Forgery SSRF vulnerability in th...
InfoDoc Document On-line Submission and Approval System 代码问题漏洞
InfoDoc Document On-line Submission and Approval System is a document on-line submission and approval system from InfoDoc, Inc. A code issue vulnerability exists in the InfoDoc Document On-line Submission and Approval System that stems from a file upload vulnerability. An attacker could use this...