Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange appsuite 7.8.2 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2018-5755
Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite prior to 7.6.3-rev3, 7.8.x prior to 7.8.2-rev4, 7.8.3 prior to 7.8.3-rev5, and 7.8.4 prior to 7.8.4-rev4 allows remote malicious users to read arbitrary files via a full pathname in a...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite
1 EDB exploit
6.5
CVSSv2
CVE-2018-5752
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote malicious users to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal re...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
1 EDB exploit
4.3
CVSSv2
CVE-2018-9997
Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite prior to 7.6.3-rev31, 7.8.x prior to 7.8.2-rev31, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev28 allows remote malicious users to inject arbitrary web script or HTML via the data-tar...
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.4
4.3
CVSSv2
CVE-2016-6846
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend prior to 7.6.2-rev59, 7.8.0 prior to 7.8.0-rev38, 7.8.2 prior to 7.8.2-rev8; AppSuite frontend prior to 7.6.2-rev47, 7.8.0 prior to 7.8.0-rev30, and 7.8.2 prior to 7.8.2-rev8; Office Web prior to 7.6.2...
Open-xchange Open-xchange Appsuite Frontend 7.6.2
Open-xchange Open-xchange Appsuite Backend 7.8.0
Open-xchange Open-xchange Appsuite Backend 7.8.2
Open-xchange Open-xchange Appsuite Backend 7.6.2
Open-xchange Office Web 7.8.0
Open-xchange Open-xchange Appsuite Frontend 7.8.0
Open-xchange Documentconverter-api 7.8.2
Open-xchange Office Web 7.8.2
Open-xchange Office Web 7.6.2
Open-xchange Open-xchange Appsuite Frontend 7.8.2
4.3
CVSSv2
CVE-2016-5740
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitat...
Open-xchange Open-xchange Appsuite
1 EDB exploit
4.3
CVSSv2
CVE-2016-6842
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev8. Setting the user's name to JS code makes that code execute when selecting that user's "Templates" folder from OX Documents settings. This requires the folder to be shared to the victim. Maliciou...
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2016-6844
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev8. Script code within SVG files is maintained when opening such files "in browser" based on our Mail or Drive app. In case of "a" tags, this may include link targets with base64 encoded "data&...
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2016-6845
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. This allows an malicious user to provide hyperlinks that may execute script cod...
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2016-6847
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev8. SVG files can be used as mp3 album covers. In case their XML structure contains script code, that code may get executed when calling the related cover URL. Malicious script code can be executed within a user's...
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2016-6852
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file exists or not. Attackers may discover specific system files or library versions on the mi...
Open-xchange Open-xchange Appsuite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »