CVE-2021-42537

VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output...

CVE-2021-42535

VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage...

CVE-2021-38417

VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing...

Input validation

VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage...

CVE-2021-42535 VISAM VBASE Editor Cross Site Scripting

VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage...

CVE-2021-38417

CVE-2021-38417 affects VISAM VBASE Editor (WEB REMOTE) 11.6.0.6, where improper access control via the web-remote endpoint may allow an unauthenticated user to view folders/files in a directory listing. Public sources consistently describe this vulnerability as an improper access control issue (C...

VISAM VBASE 安全漏洞

VISAM VBASE is a data acquisition and monitoring system from VISAM Germany. A security vulnerability exists in VISAM VBASE version 11.6.0.6 that stems from susceptibility to improper access control via a remote endpoint over a network, which could allow an unauthenticated user to view folders and...

PT-2022-11608 · Unknown · Visam Vbase

Name of the Vulnerable Software and Affected Versions: VISAM VBASE version 11.6.0.6 Description: The issue concerns the failure to properly neutralize user-controllable input before it is used in output for a public-facing webpage. This could potentially lead to security issues, but specific...