Skybox Platform Security Vulnerabilities and Issues — Skybox Platform CVE List

Lucene search

SkyboxsecuritySkybox Platform

5 matches found

CVE•added 2018/01/12 10:29 p.m.•34 views

CVE-2015-9247

An issue was discovered in Skybox Platform before 7.5.401. Reflected cross-site scripting vulnerabilities exist in /skyboxview/webservice/services/VersionRepositoryWebService via a soapenv:Body element, or in the status parameter to login.html.

5.4CVSS5.4AI score0.00206EPSS

CVE•added 2018/01/12 10:29 p.m.•30 views

CVE-2015-9246

An issue was discovered in Skybox Platform before 7.5.201. Remote Unauthenticated Code Execution exists via a WAR archive containing a JSP file. The WAR file is sent to /skyboxview-softwareupdate/services/CollectorSoftwareUpdate and the JSP file is reached at /opt/skyboxview/thirdparty/jboss/server...

10CVSS9.3AI score0.02569EPSS

CVE•added 2018/01/12 10:29 p.m.•30 views

CVE-2015-9250

An issue was discovered in Skybox Platform before 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webskybox/filedownload via the tempFileName parameter.

7.5CVSS7.5AI score0.00561EPSS

CVE•added 2018/01/12 10:29 p.m.•29 views

CVE-2015-9249

An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview/webservice/services/VersionWebService via a soapenv:Body element.

9.8CVSS9.7AI score0.00264EPSS

CVE•added 2018/01/12 10:29 p.m.•26 views

CVE-2015-9248

An issue was discovered in Skybox Platform before 7.5.201. Stored cross-site scripting vulnerabilities exist in the title, Comments, or Description field to /skyboxview/webskybox/tickets in Change Manager.

5.4CVSS5.4AI score0.00206EPSS