Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vaultize enterprise file sharing 17.05.31 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-10207
An issue exists in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format.
Vaultize Enterprise File Sharing 17.05.31
3.5
CVSSv2
CVE-2018-10206
An issue exists in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS via the optional message field of a file request.
Vaultize Enterprise File Sharing 17.05.31
4.3
CVSSv2
CVE-2018-10208
An issue exists in Vaultize Enterprise File Sharing 17.05.31. There is anonymous reflected XSS on the error page via a /share/error?message= URI.
Vaultize Enterprise File Sharing 17.05.31
5
CVSSv2
CVE-2018-10211
An issue exists in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie.
Vaultize Enterprise File Sharing 17.05.31
5.5
CVSSv2
CVE-2018-10212
An issue exists in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization leading to creation of folders within another account via a modified device value.
Vaultize Enterprise File Sharing 17.05.31
3.5
CVSSv2
CVE-2018-10209
An issue exists in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS on the file or folder download pop-up via a crafted file or folder name.
Vaultize Enterprise File Sharing 17.05.31
5
CVSSv2
CVE-2018-10210
An issue exists in Vaultize Enterprise File Sharing 17.05.31. Enumeration of users is possible through the password-reset feature.
Vaultize Enterprise File Sharing 17.05.31
3.5
CVSSv2
CVE-2018-10213
An issue exists in Vaultize Enterprise File Sharing 17.05.31. There is XSS in invitation mail received from a different user, who can modify the HTML in that mail before sending it.
Vaultize Enterprise File Sharing 17.05.31
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started