Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Write-Back Manager Security Vulnerabilities

cve
cve

CVE-2023-27168

An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file.

9.8CVSS

9.4AI Score

0.001EPSS

2024-01-19 02:15 PM
10
cve
cve

CVE-2023-27169

Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation.

6.5CVSS

6.4AI Score

0.001EPSS

2023-09-12 12:15 PM
16
cve
cve

CVE-2023-27170

Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter.

7.5CVSS

7.5AI Score

0.001EPSS

2023-10-26 11:15 PM
28
cve
cve

CVE-2023-27172

Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack.

9.1CVSS

8.9AI Score

0.001EPSS

2023-12-20 01:15 AM
10