Lucene search
K
EfstechnologyAutoform Pdm Archive

4 matches found

CVE
CVE
added 2012/06/13 7:0 p.m.191 views

CVE-2012-1828

AutoFORM PDM Archive/AutoFORM PDM Archive before 7.1 allows remote authenticated users to perform administrative actions due to missing authorization for hidden administrative functions (e.g., password-change). The issue is tied to the hidden function exposure and is addressed by vendor updates: ...

6.5CVSS6.3AI score0.01574EPSS
In wild
CVE
CVE
added 2012/06/13 7:0 p.m.185 views

CVE-2012-3347

CVE-2012-3347 affects AutoFORM PDM Archive prior to 7.0. The issue arises from how user accounts are implemented, allowing authenticated remote users to access the JMX Console at /jmx-console and then upload/execute arbitrary JSP code via a JBoss remote-deployment mechanism. The description docum...

6CVSS7.2AI score0.01544EPSS
In wild
CVE
CVE
added 2012/06/13 7:0 p.m.46 views

CVE-2012-1827

AutoFORM PDM Archive vulnerability CVE-2012-1827 affects versions prior to 7.1. The webservice lacks authorization, allowing remote authenticated users to interact with the application database via SOAP (notably initializeQueryDatabase2), bypassing normal permissions. This can lead to unauthorize...

6.5CVSS6.4AI score0.01574EPSS
CVE
CVE
added 2012/06/13 7:0 p.m.43 views

CVE-2012-1829

CVE-2012-1829 refers to multiple stored XSS vulnerabilities in AutoFORM PDM Archive prior to 6.920. The root cause is insufficient input validation and/or output encoding in many fields, enabling remote authenticated users to inject arbitrary scripts or HTML. Impacts include potential information...

3.5CVSS5.5AI score0.01112EPSS