CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2015/02/28 12:0 a.m.•1 views

Multiple Cross-Site Scripting Vulnerabilities in PNMsoft Sequence Kinetics

PNMsoft Sequence Kinetics is a next-generation business process management suite released by Israel-based PNMsoft that enables rapid establishment of high-availability workflow applications and close human collaboration on change while maintaining lifecycle governance. Multiple cross-site scripti...

4.3CVSS6.1AI score0.00263EPSS

CNVD•added 2015/02/28 12:0 a.m.•2 views

PNMsoft Sequence Kinetics Directory Traversal Vulnerability

5CVSS6.9AI score0.00379EPSS

CNVD•added 2015/02/28 12:0 a.m.•1 views

PNMsoft Sequence Kinetics Denial of Service Vulnerability

5CVSS6.7AI score0.00474EPSS

NVD•added 2015/02/19 11:59 a.m.•6 views

CVE-2014-6304

The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 allows remote attackers to obtain sensitive source-code information via unspecified vectors...

5CVSS6.2AI score0.0025EPSS

NVD•added 2015/02/19 11:59 a.m.•17 views

CVE-2014-6303

The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 do not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service resource consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS6.9AI score0.00474EPSS

NVD•added 2015/02/19 11:59 a.m.•9 views

CVE-2014-6302

The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

5CVSS6.7AI score0.00379EPSS

NVD•added 2015/02/19 11:59 a.m.•9 views

CVE-2014-6301

Multiple cross-site scripting XSS vulnerabilities in the tables-management module in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.00263EPSS

Prion•added 2015/02/19 11:59 a.m.•14 views

Code injection

The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 allows remote attackers to obtain sensitive source-code information via unspecified vectors...

5CVSS6.8AI score0.0025EPSS

Prion•added 2015/02/19 11:59 a.m.•8 views

Cross site scripting

4.3CVSS6AI score0.00263EPSS

Prion•added 2015/02/19 11:59 a.m.•9 views

Xxe

5CVSS7.2AI score0.00379EPSS

Cvelist•added 2015/02/19 11:0 a.m.•10 views

CVE-2014-6301

5.8AI score0.00263EPSS

Cvelist•added 2015/02/19 11:0 a.m.•10 views

CVE-2014-6302

6.7AI score0.00379EPSS

CVE•added 2015/02/19 11:0 a.m.•36 views

CVE-2014-6304

CVE-2014-6304 affects PNMsoft Sequence Kinetics—the Form Controls CSS file—where information disclosure enables remote attackers to obtain sensitive source-code information. Public entries indicate impact for Sequence Kinetics versions up to 7.6 (CNVD reference cites 7.5 and earlier; NVD notes vu...

5CVSS6.4AI score0.0025EPSS

CVE•added 2015/02/19 11:0 a.m.•33 views

CVE-2014-6302

PNMsoft Sequence Kinetics prior to version 7.7 is affected by an XML External Entity (XXE) vulnerability in the Monitoring Administration pages, allowing remote attackers to read arbitrary files via XML external entity declarations combined with entity references. The root cause is XXE processing...

5CVSS6.9AI score0.00379EPSS

CVE•added 2015/02/19 11:0 a.m.•34 views

CVE-2014-6301

PNMsoft Sequence Kinetics is affected by XSS in the tables-management module for versions before 7.7. The vulnerability allows remote attackers to inject arbitrary script/HTML via unspecified vectors. No exploitation details are provided in the sources; a fix is implied by the 7.7 threshold (upgr...

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2015/02/19 11:0 a.m.•59 views

CVE-2014-6303

Technical details about CVE-2014-6303 (affected product, version specifics, root cause, impact, or fixes) are not provided in the supplied Connected documents. Monitor for updates in official advisories for precise remediation information.

5CVSS6.8AI score0.00474EPSS