5 matches found
EUVD-2024-25243
Malicious code in bioql PyPI...
SolarWinds Platform TestWebsiteUrl Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the TestWebsiteUrl method. The issue results from the lack...
PT-2023-24234 · Solarwinds · Solarwinds Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML, due to incorrect input neutralization...
CVE-2023-23836 SolarWinds Platform Deserialization of Untrusted Data Vulnerability
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands...
PT-2023-2037 · Solarwinds · Solarwinds Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue is related to the Deserialization of Untrusted Data, allowing a remote adversary with admin-level account access to the SolarWinds Web Console to execute arbitrary...