Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CybelesoftThinfinity Virtualui

2 matches found

CVE
CVEadded 2020/06/04 4:15 p.m.40 views

CVE-2019-16385

Cybele Thinfinity VirtualUI 2.5.17.2 allows HTTP response splitting via the mimetype parameter within a PDF viewer request, as demonstrated by an example.pdf?mimetype= substring. The victim user must load an application request to view a PDF, containing the malicious payload. This results in a refl...

6.1CVSS5.8AI score0.0021EPSS
CVE
CVEadded 2020/06/04 4:15 p.m.37 views

CVE-2019-16384

Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal that can be used for data exfiltration. This enables files outside of the web directory to be retrieved if the exact location is known and the user has permissions.

6.5CVSS6.5AI score0.00288EPSS