Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-38697 | 1 Softvibe | 1 Saraban | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution. | |||||
CVE-2021-38696 | 1 Softvibe | 1 Saraban | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. | |||||
CVE-2021-38695 | 1 Softvibe | 1 Saraban | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form. | |||||
CVE-2021-38694 | 1 Softvibe | 1 Saraban | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. |