Vendor
SoftVibe
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38697 | 0.00 | — | 0.03 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution. | |||
| CVE-2021-38696 | 0.00 | — | 0.02 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. | |||
| CVE-2021-38695 | 0.00 | — | 0.01 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form. | |||
| CVE-2021-38694 | 0.00 | — | 0.01 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. |
- CVE-2021-38697Jan 18, 2022risk 0.00cvss —epss 0.03
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
- CVE-2021-38696Jan 18, 2022risk 0.00cvss —epss 0.02
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
- CVE-2021-38695Jan 18, 2022risk 0.00cvss —epss 0.01
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
- CVE-2021-38694Jan 18, 2022risk 0.00cvss —epss 0.01
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.