13 matches found
EUVD-2023-30354
Malicious code in bioql PyPI...
EUVD-2024-22978
Malicious code in bioql PyPI...
CVE-2023-26559
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...
CVE-2024-25662
Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...
CVE-2024-25662
Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...
CVE-2024-25662
Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...
CVE-2024-25662
Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...
PT-2024-21079 · Syncro Soft · Oxygen Xml Web Author +1
Name of the Vulnerable Software and Affected Versions: Oxygen XML Web Author versions prior to 26.0.0 Oxygen Content Fusion versions prior to 6.1 Description: The issue allows for Cross-Site Scripting XSS attacks using malicious URLs. Recommendations: For Oxygen XML Web Author versions prior to...
CVE-2023-26559
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...
Directory traversal
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...
CVE-2023-26559
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...
PT-2023-20727 · Syncro Soft · Oxygen Content Fusion +1
Name of the Vulnerable Software and Affected Versions: Oxygen XML Web Author versions prior to 25.0.0.3 build 2023021715 Oxygen Content Fusion versions prior to 5.0.3 build 2023022015 Description: A directory traversal issue allows an attacker to read files from a WEB-INF directory via a crafted...
CVE-2023-26559
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...