Vulnerabilities (CVE)

Filtered by vendor Softvibe Subscribe
Filtered by product Saraban
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38697 1 Softvibe 1 Saraban 2024-11-21 7.5 HIGH 9.8 CRITICAL
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
CVE-2021-38696 1 Softvibe 1 Saraban 2024-11-21 5.0 MEDIUM 7.5 HIGH
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
CVE-2021-38695 1 Softvibe 1 Saraban 2024-11-21 3.5 LOW 5.4 MEDIUM
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
CVE-2021-38694 1 Softvibe 1 Saraban 2024-11-21 5.0 MEDIUM 7.5 HIGH
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.