Myconnection Server Security Vulnerabilities and Issues — Myconnection Server CVE List

Lucene search

VisualwareMyconnection Server

8 matches found

CVE•added 2021/02/26 11:15 p.m.•129 views

CVE-2021-27198

An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs ...

10CVSS9.7AI score0.12315EPSS

CVE•added 2021/02/19 11:15 p.m.•71 views

CVE-2021-27509

In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.

7.5CVSS7.5AI score0.00276EPSS

CVE•added 2024/05/03 3:15 a.m.•50 views

CVE-2023-42034

Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to exploit this vulnerab...

8.8CVSS8.4AI score0.00308EPSS

CVE•added 2024/05/03 3:15 a.m.•44 views

CVE-2023-42035

Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this vul...

6.5CVSS6.6AI score0.00332EPSS

CVE•added 2015/02/25 10:59 p.m.•42 views

CVE-2015-2043

Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote attackers to inject arbitrary web script or HTML via the (1) bt, (2) variable, or (3) et parameter to myspeed/db/historyitem.

4.3CVSS5.8AI score0.00318EPSS

CVE•added 2024/05/03 3:15 a.m.•42 views

CVE-2023-42032

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this vul...

7.5CVSS7.1AI score0.00606EPSS

CVE•added 2024/05/03 3:15 a.m.•41 views

CVE-2023-42033

Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Visualware MyConnection Server. Although authentication is required to exploit this vulnerabili...

7.2CVSS7.5AI score0.00992EPSS

CVE•added 2014/07/28 3:55 p.m.•33 views

CVE-2014-5113

Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9.7i allow remote attackers to inject arbitrary web script or HTML via the (1) testtype, (2) ver, (3) cm, (4) map, (5) lines, (6) pps, (7) bpp, (8) codec, (9) provtext, (10) provtextextra, (11) provlin...

4.3CVSS5.9AI score0.00334EPSS