15 matches found
EUVD-2021-18955
Malware in sbrugna...
EUVD-2021-18952
Malware in sbrugna...
EUVD-2021-18951
Malware in sbrugna...
CVE-2021-32094
U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to upload arbitrary files...
CVE-2021-32092
A Cross-site scripting XSS vulnerability in the DocumentAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter...
CVE-2021-32096
The ConsoleAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code for an eval call via the CONSOLECOMMANDSTRING parameter...
CVE-2021-32093
The ConfigFileAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter...
CVE-2021-32095
U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to delete arbitrary files...
CVE-2021-32092
A Cross-site scripting XSS vulnerability in the DocumentAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter...
Cross site scripting
A Cross-site scripting XSS vulnerability in the DocumentAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter...
Design/Logic Flaw
The ConfigFileAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter...
CVE-2021-32094
U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to upload arbitrary files...
Cross site request forgery (csrf)
The ConsoleAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code for an eval call via the CONSOLECOMMANDSTRING parameter...
CVE-2021-32093
The ConfigFileAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter...
CVE-2021-32096
The ConsoleAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code for an eval call via the CONSOLECOMMANDSTRING parameter...