CVE-2019-14226

OX App Suite through 7.10.2 has Insecure Permissions.

CVE-2018-5752

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and...

CVE-2019-16716

OX App Suite through 7.10.2 has Incorrect Access Control.

CVE-2023-26453

Requests to cache an image could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could be execut...

CVE-2023-26452

Requests to cache an image and return its metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL st...

CVE-2019-11521

OX App Suite 7.10.1 allows Content Spoofing.

CVE-2017-8340

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

CVE-2023-26454

Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could be ...

CVE-2017-6912

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.