Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange appsuite vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2017-13667
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: SSRF.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2023-26443
Full-text autocomplete search allows user-provided SQL syntax to be injected to SQL statements. With existing sanitization in place, this can be abused to trigger benign SQL Exceptions but could potentially be escalated to a malicious SQL injection vulnerability. We now properly ...
Open-xchange Open-xchange Appsuite Backend
9.8
CVSSv3
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2019-7158
OX App Suite 7.10.0 and previous versions has Incorrect Access Control.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5212
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
Open-xchange Open-xchange Appsuite 7.8.3
9.8
CVSSv3
CVE-2017-17060
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Insecure Permissions.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5210
Open-Xchange GmbH OX App Suite 7.8.3 and previous versions is affected by: Information Exposure.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5863
Open-Xchange GmbH OX App Suite 7.8.3 and previous versions is affected by: Incorrect Access Control.
Open-xchange Open-xchange Appsuite
8.8
CVSSv3
CVE-2023-26453
Requests to cache an image could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL stateme...
Open-xchange Open-xchange Appsuite 7.10.6
Open-xchange Open-xchange Appsuite
8.8
CVSSv3
CVE-2023-26452
Requests to cache an image and return its metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by defaul...
Open-xchange Open-xchange Appsuite 7.10.6
Open-xchange Open-xchange Appsuite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »