9 results (0.001 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL. Eramba version 3.19.1 suffers from a remote command execution vulnerability. • http://eramba.com https://trovent.github.io/security-advisories/TRSA-2303-01/TRSA-2303-01.txt https://trovent.io/security-advisory-2303-01 https://www.eramba.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field. Una vulnerabilidad de cross-site scripting (XSS) almacenadas en la función Agregar de Eramba GRC Software c2.8.1 permite a los atacantes ejecutar scripts web o HTML de su elección a través de un payload manipulado inyectado en el campo de texto Título del KPI. • https://discussions.eramba.org/t/question-stored-xss-vulnerability/2326 https://www.eramba.org • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

eramba through c2.8.1 allows HTTP Host header injection with (for example) resultant wkhtml2pdf PDF printing by authenticated users. eramba versiones hasta c2.8.1, permite una inyección de encabezado HTTP Host con (por ejemplo) una impresión de PDF wkhtml2pdf resultante por parte de usuarios autenticados • https://discussions.eramba.org/t/bug-injectable-host-header-security-issue/1719 https://www.eramba.org/releases • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1

eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension. eramba versión c2.8.1 y Enterprise versiones anteriores a e2.19.3, permiten un ataque de tipo XSS por medio de un nombre de archivo diseñado para un archivo adjuntado en un objeto. Por ejemplo, el nombre de archivo presenta una carga útil XSS completa seguida de la extensión .png • https://discussions.eramba.org/t/bug-security-vulnerabilities-not-serious/1650 https://gitlab.com/gitlab-com/gl-security/disclosures/-/blob/master/005_eramba/eramba_persistent_xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token (createHash has only a million possibilities). eramba versión c2.8.1 y Enterprise versiones anteriores a e2.19.3, presentan un token de recuperación de contraseña débil (createHash posee solo un millón de posibilidades) • https://discussions.eramba.org/t/bug-security-vulnerabilities-not-serious/1650/2 https://gitlab.com/gitlab-com/gl-security/disclosures/-/blob/master/005_eramba/eramba_weak_password_reset.md • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •