VYPR

PowerShell Universal

by Ironman

CVEs (2)

  • CVE-2024-50616HigOct 27, 2024
    risk 0.57cvss 8.8epss 0.00

    Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information.

  • CVE-2023-49213HigNov 23, 2023
    risk 0.57cvss 8.8epss 0.02

    The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1.