Write-back Manager Security Vulnerabilities and Issues — Write-back Manager CVE List

Lucene search

Xpand-itWrite-back Manager

4 matches found

CVE•added 2023/10/26 11:15 p.m.•35 views

CVE-2023-27170

Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter.

7.5CVSS7.5AI score0.00436EPSS

CVE•added 2024/01/19 2:15 p.m.•31 views

CVE-2023-27168

An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file.

9.8CVSS9.4AI score0.00237EPSS

CVE•added 2023/09/12 12:15 p.m.•29 views

CVE-2023-27169

Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation.

6.5CVSS6.4AI score0.00157EPSS

CVE•added 2023/12/20 1:15 a.m.•29 views

CVE-2023-27172

Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack.

9.1CVSS8.9AI score0.00082EPSS