Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
konzept-ix publixone vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-27179
konzept-ix publiXone prior to 2020.015 allows malicious users to take over arbitrary user accounts by crafting password-reset tokens.
Konzept-ix Publixone
7.5
CVSSv3
CVE-2020-27180
konzept-ix publiXone prior to 2020.015 allows malicious users to download files by iterating over the IXCopy fileID parameter.
Konzept-ix Publixone
6.5
CVSSv3
CVE-2020-27181
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone prior to 2020.015 allows malicious users to craft password-reset tokens or decrypt server-side configuration files.
Konzept-ix Publixone
6.1
CVSSv3
CVE-2020-27182
Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone prior to 2020.015 allow remote malicious users to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp, ixedit/editor_component.jsp, or the login form.
Konzept-ix Publixone
9.8
CVSSv3
CVE-2020-27183
A RemoteFunctions endpoint with missing access control in konzept-ix publiXone prior to 2020.015 allows malicious users to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact.
Konzept-ix Publixone
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started