5 matches found
CVE-2024-22219
XML External Entity XXE vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution RCE, or...
CVE-2024-22218
XML External Entity XXE vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution RCE, or...
CVE-2024-22217
A Server-Side Request Forgery SSRF vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on...
PT-2024-19282 · Terminalfour · Terminalfour
Name of the Vulnerable Software and Affected Versions: Terminalfour versions 8.0.0001 through 8.3.18 XML JDBC versions up to 1.0.4 Description: The issue allows authenticated users to submit malicious XML via unspecified features, potentially leading to accessing the underlying server, remote cod...
PT-2024-19285 · Terminalfour · Terminalfour +1
Name of the Vulnerable Software and Affected Versions: Terminalfour versions 7.4 through 7.4.0004 QP3 Terminalfour versions 8 through 8.3.19 Formbank versions through 2.1.10-FINAL Description: An issue allows Unauthenticated Stored Cross-Site Scripting, potentially leading to Admin Session...