Vulnerabilities (CVE)

Filtered by vendor Axiomsl Subscribe
Filtered by product Axiom
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-5463 1 Axiomsl 1 Axiom 2024-11-21 7.5 HIGH 9.8 CRITICAL
AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of Service on global application, or (4) write/read/delete arbitrary files on server hosting the application.
CVE-2015-5462 1 Axiomsl 1 Axiom 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.
CVE-2015-5384 1 Axiomsl 1 Axiom 2024-11-21 6.8 MEDIUM 8.8 HIGH
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.