22 matches found
EUVD-2021-29102
Malicious code in bioql PyPI...
CVE-2021-42545
An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
CVE-2021-42122
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s attributes with numeric format allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format, which makes the...
CVE-2021-42544
Missing Rate Limiting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on the Login Form allows an unauthenticated remote attacker to perform multiple login attempts, which facilitates gaining privileges...
CVE-2021-42120
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on all object attributes allows an authenticated remote attacker with Object Modification privileges to insert arbitrarily long strings, eventually leading to exhaustion...
CVE-2021-42118
Persistent Cross Site Scripting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 via the Structure Component allows an authenticated remote attacker with Object Modification privileges to inject arbitrary HTML and JavaScript code in an object...
CVE-2021-42121
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s date attributes allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads t...
Unrestricted file upload
Unrestricted File Upload in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 in the File Upload Functions allows an authenticated remote attacker with Upload privileges to upload files with any file type, enabling client-side attacks...
Session fixation
An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
Input validation
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s date attributes allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which...
CVE-2021-42545
CVE-2021-42545 : The TopEase Platform from Business-DNA Solutions GmbH is affected up to version 7.1.27 due to an insufficient session expiration issue that enables a remote attacker to reuse, spoof, or steal other user and admin sessions. The available documents identify the vulnerability as a s...
CVE-2021-42544
The CVE-2021-42544 issue affects Business-DNA Solutions GmbH TopEase Platform (Version
CVE-2021-42123
The CVE-2021-42123 entry concerns Business-DNA Solutions GmbH TopEase Platform (Web Applications) with Version
CVE-2021-42122
CVE-2021-42122 affects Business‑DNA Solutions GmbH TopEase Platform (≤7.1.27). The root cause is insufficient input validation on an object’s attributes with numeric format. An authenticated remote attacker with Object Modification privileges can insert an unexpected format, causing the affected ...
CVE-2021-42121
CVE-2021-42121 describes an insufficient input validation vulnerability in Business-DNA Solutions GmbH TopEase Platform (
CVE-2021-42120
CVE-2021-42120 affects Business-DNA Solutions GmbH TopEase Platform (Version
CVE-2021-42119
CVE-2021-42119 describes a persistent cross-site scripting vulnerability in Business-DNA Solutions GmbH TopEase platform (version ≤ 7.1.27) exposed through the Search Functionality. The issue arises when authenticated users with Object Modification privileges can inject arbitrary HTML/JavaScript ...
CVE-2021-42118
The CVE-2021-42118 entry concerns Business-DNA Solutions GmbH TopEase Platform (<= 7.1.27) via the Structure Component. Affected component is the Structure Component which allows an authenticated remote attacker with Object Modification privileges to inject arbitrary HTML/JavaScript in an obje...
CVE-2021-42118 Stored XSS in TopEase
Persistent Cross Site Scripting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 via the Structure Component allows an authenticated remote attacker with Object Modification privileges to inject arbitrary HTML and JavaScript code in an object...
CVE-2021-42117
CVE-2021-42117 affects Business-DNA Solutions GmbH TopEase Platform (Web Applications)