Lucene search
K
SmartbearSoapui

4 matches found

CVE
CVE
added 2024/11/22 9:32 p.m.82 views

CVE-2024-7565

CVE-2024-7565 describes a directory traversal vulnerability in SMARTBEAR SoapUI’s unpackageAll function. The flaw stems from insufficient validation of a user-supplied path used in file operations, allowing an attacker to achieve Remote Code Execution in the context of the current user. Exploitat...

7.8CVSS8AI score0.01027EPSS
CVE
CVE
added 2020/02/05 4:6 p.m.62 views

CVE-2019-12180

CVE-2019-12180 affects SmartBear ReadyAPI (up to 2.8.2 and 3.0.0) and SoapUI (up to 5.5). The Groovy Load Script (triggered on project open) and Save Script (on save) may execute arbitrary Groovy code on the victim’s machine via a malicious project, enabling code execution. The Red Hat/Redirectio...

9.3CVSS7.4AI score0.04592EPSS
CVE
CVE
added 2014/01/25 1:0 a.m.59 views

CVE-2014-1202

The cvE-2014-1202 entry corresponds to a code injection/remote code execution vulnerability in SoapUI prior to version 4.6.4. The issue arises in the WSDL/WADL import functionality, where a crafted request parameter in a WSDL file can cause arbitrary Java code execution on the client. Affected co...

9.3CVSS7.4AI score0.07673EPSS
Web
CVE
CVE
added 2018/02/19 7:0 p.m.49 views

CVE-2017-16670

The CVE-2017-16670 entry concerns SoapUI 5.3.0, where the project import functionality allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file. The vulnerability affects the WSDL/project import path and can lead to code execution with high imp...

7.8CVSS7.8AI score0.01656EPSS