20 matches found
CVE-2025-8052
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
CVE-2025-8050
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...
CVE-2025-8050
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...
CVE-2025-8050
The CVE-2025-8050 entry concerns OpenText Flipper 3.1.2, described as External Control of File Name or Path leading to a Path Traversal vulnerability. The available documents identify that an attacker could leverage this flaw to access files stored on the server. The material does not provide spe...
CVE-2025-8050 External Control of File vulnerability has been discovered in opentext Flipper.
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...
EUVD-2025-35106
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
EUVD-2025-35109
Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...
CVE-2025-8053
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....
CVE-2025-8053
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....
CVE-2025-8049
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application. This issue affects Flipper: 3.1.2...
CVE-2025-8052
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
CVE-2025-8052 HQL Injection vulnerability has been discovered in Opentext Flipper.
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
CVE-2025-8052
CVE-2025-8052 affects OpenText Flipper 3.1.2. The vulnerability is a SQL Injection via the HQL processor that could let a low-privilege user interact with the database and extract data. The available connected sources consistently describe the impact as SQL injection with high confidentiality/int...
CVE-2025-8052 HQL Injection vulnerability has been discovered in Opentext Flipper.
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
CVE-2025-8048 External Control of File path vulnerability has been discovered on Openext Flipper.
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2...
CVE-2025-8048
CVE-2025-8048 : OpenText Flipper 3.1.2 is affected by an External Control of File Name or Path vulnerability leading to a path traversal issue. The issue allows an attacker to submit a stored local file path and then download the specified file from the system by requesting the stored document ID...
CVE-2025-8049
CVE-2025-8049 : OpenText Flipper (version 3.1.2) contains an Insufficient Granularity of Access Control vulnerability that could allow a low-privilege user to elevate privileges within the application. The issue is described across multiple sources (NVD, Red Hat, ENISA EUVD, etc.) as a privilege-...
CVE-2025-8053 Insufficient access control vulnerability has been discovered in Opentext Flipper.
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....
CVE-2025-8053 Insufficient access control vulnerability has been discovered in Opentext Flipper.
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....
OpenText Flipper 安全漏洞
OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2 that stems from insufficient access control granularity and could lead to elevation of privilege...