Lucene search
K

67 matches found

NVD
NVD
added 2020/05/14 6:15 p.m.22 views

CVE-2020-12677

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

6.1CVSS6.7AI score0.01861EPSS
Exploits0References7
Prion
Prion
added 2020/05/14 6:15 p.m.22 views

Design/Logic Flaw

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

4.3CVSS6.7AI score0.01861EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2020/05/14 5:34 p.m.31 views

CVE-2020-12677

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

6.7AI score0.01861EPSS
Exploits0References7
NVD
NVD
added 2019/09/24 3:15 p.m.22 views

CVE-2019-16383

MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...

9.4CVSS9.4AI score0.05187EPSS
Exploits4References5
CVE
CVE
added 2019/09/24 2:34 p.m.87 views

CVE-2019-16383

CVE-2019-16383 affects Progress MOVEit Transfer via MOVEit.DMZ.WebApi.dll in MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1. The Red Hat/CIRCL/CNVD entries confirm an unauthenticated SQL injection via the REST API that can cause database access breaches. Affe...

9.4CVSS9.4AI score0.05187EPSS
Exploits4References5Affected Software1
Cvelist
Cvelist
added 2019/09/24 2:34 p.m.24 views

CVE-2019-16383

MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...

9.5AI score0.05187EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2016/03/25 12:0 a.m.26 views

Progress MOVEit Transfer Installed (Windows)

Binary data ipswitchdmzftpinstalled.nbin...

7.3AI score
Exploits0References2
Rows per page
Query Builder