20 matches found
EUVD-2020-19052
Malware in sbrugna...
EUVD-2020-19053
Malware in sbrugna...
EUVD-2020-19054
Malware in sbrugna...
CVE-2020-26507
A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...
CVE-2020-26506
An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed files were not visible by the low privileged users in the web GUI...
CVE-2020-26507
A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...
CVE-2020-26507
A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...
Design/Logic Flaw
A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...
CVE-2020-26505
A Stored Cross-Site Scripting XSS vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized...
CVE-2020-26505
A Stored Cross-Site Scripting XSS vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized...
Cross site scripting
A Stored Cross-Site Scripting XSS vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized...
CVE-2020-26507
A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...
CVE-2020-26507
The CVE-2020-26507 entry concerns Marmind Web Application 4.1.141.0, affected by a CSV/Formula Injection vulnerability in the Notes functionality on the main screen and the Description field under Insert To-Do. The attacker can provide formula code to inject a payload into exported CSV data, whic...
CVE-2020-26505
CVE-2020-26505 affects Marmind web application (version 4.1.141.0) and is a stored XSS vulnerability. The issue arises via the Assets Upload function, where an attacker can upload a malicious PDF file containing JavaScript that is later executed in other users’ browsers when they access assets, e...
CVE-2020-26505
A Stored Cross-Site Scripting XSS vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized...
CVE-2020-26506
An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed files were not visible by the low privileged users in the web GUI...
CVE-2020-26506
An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed files were not visible by the low privileged users in the web GUI...
Authorization
An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed files were not visible by the low privileged users in the web GUI...
CVE-2020-26506
An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed files were not visible by the low privileged users in the web GUI...
CVE-2020-26506
The CVE-2020-26506 entry concerns Marmind web application version 4.1.141.0 with an Authorization Bypass allowing lower-privilege users to access files uploaded by administrative users. The accessed files were not visible to low-privilege users in the GUI. The connected documents provide the affe...