Saraban Security Vulnerabilities and Issues — Saraban CVE List

Lucene search

SoftvibeSaraban

4 matches found

CVE•added 2022/01/18 3:15 p.m.•38 views

CVE-2021-38697

SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.

9.8CVSS9.8AI score0.02098EPSS

CVE•added 2022/01/18 3:15 p.m.•37 views

CVE-2021-38696

SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.

7.5CVSS7.5AI score0.00351EPSS

CVE•added 2022/01/18 2:15 p.m.•36 views

CVE-2021-38694

SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.

7.5CVSS7.8AI score0.00276EPSS

CVE•added 2022/01/18 3:15 p.m.•36 views

CVE-2021-38695

SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.

5.4CVSS5.2AI score0.00259EPSS