38 matches found
EUVD-2023-43139
Malicious code in bioql PyPI...
EUVD-2023-43140
Malicious code in bioql PyPI...
NorthGrid Proself XXE (CVE-2023-45727)
The version of NorthGrid Proself installed on the remote host is Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, or Proself Mail Sanitize Edition Ver1.08 and earlier. These versions allow a remote unauthenticated attacker to conduct XML Extern...
CVE-2023-39416
Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands...
CVE-2023-39415
Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote unauthenticated attacker to log in to the product's Control Panel and perform an...
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
NorthGrid Proself Installed (Linux)
Binary data northgridproselflinuxinstalled.nbin...
NorthGrid Proself Installed (Windows)
Binary data northgridproselfwininstalled.nbin...
North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability
North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Entity XXE reference vulnerability, which could allow a remote, unauthenticated attacker to conduct an XXE attack...
VulnCheck KEV: CVE-2023-45727
North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Entity XXE reference vulnerability, which could allow a remote, unauthenticated attacker to conduct an XXE attack...
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
Xxe
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
CVE-2023-45727
CVE-2023-45727 affects Proself Enterprise/Standard Edition v5.62 and earlier, Proself Gateway Edition v1.65 and earlier, and Proself Mail Sanitize Edition v1.08 and earlier. A remote unauthenticated attacker can trigger an XML External Entity (XXE) processing flaw by sending carefully crafted XML...
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
Improper restriction of XML external entity references (XXE) in Proself
Overview Proself provided by North Grid Corporation improperly restricts XML external entity references XXE CWE-611. The developer states that attacks exploiting this vulnerability have been observed. North Grid Corporation reported this vulnerability to JPCERT/CC to notify users of its solution...
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...
JVN#95981460: Improper restriction of XML external entity references (XXE) in Proself
Proself provided by North Grid Corporation improperly restricts XML external entity references XXE CWE-611. The developer states that attacks exploiting this vulnerability have been observed. Impact By processing a specially crafted request containing malformed XML data, arbitrary files on the...
Proself Code Issue Vulnerability
Proself is an application from Proself, Inc. A security vulnerability exists in some Proself products. An attacker could exploit the vulnerability to perform an XML External Entity XXE attack, which could read arbitrary files containing account information on the server. The following products an...