Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:51 p.m.6 views

CVE-2022-47875

A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code...

8.8CVSS7.2AI score0.1016EPSS
Exploits4References1
Prion
Prion
added 2023/05/12 2:15 p.m.11 views

Remote code execution

A Remote Code Execution RCE vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods...

4.6CVSS7.7AI score0.06247EPSS
Exploits7References2Affected Software1
Prion
Prion
added 2023/05/12 2:15 p.m.24 views

Information disclosure

An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function...

2.1CVSS5.1AI score0.02902EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2023/05/12 12:0 a.m.46 views

CVE-2022-47880

An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function...

5.3AI score0.02902EPSS
Exploits4References1
CVE
CVE
added 2023/05/12 12:0 a.m.52 views

CVE-2022-47880

The CVE-2022-47880 vulnerability affects Jedox implementations exposing /be/rpc.php (test connection) and allows remote, authenticated users with permission to modify database connections to disclose cleartext passwords. The issue is demonstrated in Jedox versions such as 2020.2.5 and is also cit...

6.8CVSS5AI score0.02902EPSS
Exploits4References1Affected Software2
0day.today
0day.today
added 2023/05/05 12:0 a.m.279 views

Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Vulnerability

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878 Introduction...

9.1CVSS8.9AI score0.35716EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/05/05 12:0 a.m.407 views

Jedox 2020.2.5 Cross Site Scripting

Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...

7.1AI score0.02631EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/05/05 12:0 a.m.313 views

Jedox 2020.2.5 Groovy-Scripts Remote Code Execution

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts Date: 28/04/2023 Exploit Author: Syslifters - Christoph Mahrl, Aron Molnar, Patrick Pirker and Michael Wedl Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47876 Introducti...

7.1AI score0.07048EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/05/05 12:0 a.m.321 views

Jedox 2020.2.5 Database Credential Disclosure

Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...

7.1AI score0.21127EPSS
Exploits8
0day.today
0day.today
added 2023/05/05 12:0 a.m.199 views

Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Vulnerability

Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction ================= A...

9.6CVSS7.1AI score0.02631EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/05/05 12:0 a.m.299 views

Jedox 2020.2.5 Configurable Storage Path Remote Code Execution

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878...

7.1AI score0.35716EPSS
Exploits4
0day.today
0day.today
added 2023/05/05 12:0 a.m.223 views

Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts Vulnerability

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts Exploit Author: Syslifters - Christoph Mahrl, Aron Molnar, Patrick Pirker and Michael Wedl Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47876 Introduction...

9.1CVSS7.1AI score0.07048EPSS
Exploits4
NVD
NVD
added 2023/05/02 8:15 p.m.21 views

CVE-2022-47874

Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'...

6.5CVSS6.2AI score0.21127EPSS
Exploits4References2
NVD
NVD
added 2023/05/02 8:15 p.m.16 views

CVE-2022-47875

A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code...

8.8CVSS8.7AI score0.1016EPSS
Exploits4References2
NVD
NVD
added 2023/05/02 8:15 p.m.23 views

CVE-2022-47876

The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts...

9.1CVSS8.7AI score0.07048EPSS
Exploits4References2
NVD
NVD
added 2023/05/02 8:15 p.m.13 views

CVE-2022-47878

Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code. NOTE: The vendor states that the vulnerability...

9.1CVSS8.7AI score0.35716EPSS
Exploits4References3
Prion
Prion
added 2023/05/02 8:15 p.m.12 views

Input validation

Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code...

6.5CVSS8.7AI score0.35716EPSS
Exploits4References2Affected Software1
Prion
Prion
added 2023/05/02 8:15 p.m.21 views

Cross site scripting

A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'...

4.9CVSS5.1AI score0.02631EPSS
Exploits4References2Affected Software1
Prion
Prion
added 2023/05/02 8:15 p.m.22 views

Directory traversal

A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code...

6.5CVSS8.6AI score0.1016EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2023/05/02 12:0 a.m.30 views

CVE-2022-47874

Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'...

6.6AI score0.21127EPSS
Exploits4References2
Rows per page
Query Builder