45 matches found
EUVD-2016-5034
Malware in sbrugna...
EUVD-2015-5650
Malware in sbrugna...
EUVD-2023-30276
Malicious code in bioql PyPI...
CVE-2023-26456
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...
CVE-2020-9426
OX Guard 2.10.3 and earlier allows XSS...
CVE-2023-26456
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...
CVE-2023-26456
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...
Cross site scripting
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...
CVE-2023-26456
CVE-2023-26456 affects Open-Xchange App Suite/OX Guard. The vulnerability stems from allowing arbitrary input for the product name, which was not sufficiently sanitized when processed in the UI, enabling indirect cross-site scripting and, in scenarios where accounts were temporarily taken over, p...
CVE-2023-26456
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...
CVE-2023-26456
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...
CVE-2020-28944
OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data...
Code injection
OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data...
CVE-2020-28944
CVE-2020-28944 affects Open-Xchange/OX App Suite (OX Guard) prior to fixes. The connected packetstorm entry confirms vulnerable product/version: OX App Suite 7.10.4 and earlier with a Denial of Service via a WKS server that responds slowly or with large data volumes. The vulnerability affects the...
CVE-2020-28944
OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data...
OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting
Product: OX App Suite / OX Guard Vendor: OX Software GmbH Affected product: OX App Suite Internal reference: OXUIB-481 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.4 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendo...
Open-Xchange OX Guard Cross-Site Scripting Vulnerability (CNVD-2020-53118)
Open-Xchange OX Guard is an encryption software from Open-Xchange USA. The software is mainly used for encryption/decryption of emails and documents. A cross-site scripting vulnerability exists in Open-Xchange OX Guard 2.10.3 and earlier versions. The vulnerability stems from a lack of proper...
CVE-2020-9427
OX Guard 2.10.3 and earlier allows SSRF...
CVE-2020-9426
OX Guard 2.10.3 and earlier allows XSS...
Server side request forgery (ssrf)
OX Guard 2.10.3 and earlier allows SSRF...