CVE-2024-28418

Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/wecmd.php...

CVE-2024-28417

Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/wecmd.php...

PT-2024-22422 · Unknown · Webedition Cms

Name of the Vulnerable Software and Affected Versions: Webedition CMS version 9.2.2.0 Description: The issue is a Stored XSS vulnerability. It can be exploited via the "/webEdition/we cmd.php" API endpoint. Recommendations: For Webedition CMS version 9.2.2.0, as a temporary workaround, consider...

PT-2024-22423 · Unknown · Webedition Cms

Name of the Vulnerable Software and Affected Versions: Webedition CMS version 9.2.2.0 Description: The issue is related to a File upload vulnerability. This vulnerability can be exploited via the /webEdition/we cmd.php API endpoint. Recommendations: For Webedition CMS version 9.2.2.0, as a...

Webedition Security Vulnerabilities

Webedition is an open source web application framework from German company Webedition. A security vulnerability exists in Webedition CMS version 9.2.2.0, which stems from /webEdition/wecmd.php allowing file uploads...

JVN#49068796: Multiple MOTEX products vulnerable to privilege escalation

LanScope Cat and LanScope An provided by MOTEX Inc. contain a privilege escalation vulnerability. Impact An user who can login to the PC where the vulnerable product is installed may obtain unauthorized privileges and execute arbitrary code. Solution Update the Software Update to the latest versi...