Filtered by vendor Softvibe
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38694 | 1 Softvibe | 1 Saraban | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. | |||||
| CVE-2021-38695 | 1 Softvibe | 1 Saraban | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form. | |||||
| CVE-2021-38697 | 1 Softvibe | 1 Saraban | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution. | |||||
| CVE-2021-38696 | 1 Softvibe | 1 Saraban | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. | |||||