85 matches found
EUVD-2022-44009
Malicious code in bioql PyPI...
EUVD-2023-28825
Malicious code in bioql PyPI...
EUVD-2022-44010
Malicious code in bioql PyPI...
CVE-2021-2219
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: SQR. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2021-35609
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: SQR. Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2024-5670
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
CVE-2024-5670
Summary (CVE-2024-5670) : The web services of Softnext’s Mail SQR Expert and Mail Archiving Expert fail to validate user input, enabling unauthenticated remote attackers to inject and execute arbitrary OS commands on the remote server. This is described across multiple sources as an OS command in...
CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
CVE-2023-48380
Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...
CVE-2023-48382
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...
CVE-2023-48381
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
Design/Logic Flaw
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
Command injection
Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...
Design/Logic Flaw
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...
CVE-2023-48382
The CVE-2023-48382 entry concerns Softnext Mail SQR Expert with a Local File Inclusion (LFI) vulnerability in a mail delivery URL. An unauthenticated attacker can exploit this to execute arbitrary PHP files with a .asp extension in certain system paths and access/modify partial system information...
CVE-2023-48382 Softnext Mail SQR Expert - Local File Inclusion-2
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...
CVE-2023-48381
CVE-2023-48381 relates to Softnext Mail SQR Expert, an email management platform, with a Local File Inclusion (LFI) flaw exposed via a special URL. The vulnerability lets an unauthenticated attacker cause the execution of arbitrary PHP files with a “.asp” extension under specific system paths, en...
CVE-2023-48381 Softnext Mail SQR Expert - Local File Inclusion-1
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
CVE-2023-48379
Softnext Mail SQR Expert is an email management platform, it has inadequate filtering for a specific URL parameter within a specific function. An unauthenticated remote attacker can perform Blind SSRF attack to discover internal network topology base on URL error response...