Arcgis Server@10.1 Security Vulnerabilities and Issues — Arcgis Server@10.1 CVE List

Lucene search

EsriArcgis Server10.1

4 matches found

CVE•added 2012/11/14 12:30 p.m.•52 views

CVE-2012-4949

SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote authenticated users to execute arbitrary SQL commands via the where parameter to a query URI for a REST service.

6.5CVSS8.2AI score0.0102EPSS

CVE•added 2013/12/30 4:53 a.m.•40 views

CVE-2013-7231

Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222.

3.5CVSS5.4AI score0.00172EPSS

CVE•added 2013/09/24 10:35 a.m.•39 views

CVE-2013-5221

The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 allows remote authenticated users to upload .exe files by leveraging (1) publisher or (2) administrator privileges.

3.5CVSS6.6AI score0.00131EPSS

CVE•added 2013/12/30 4:53 a.m.•36 views

CVE-2013-5222

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5CVSS5.4AI score0.00172EPSS