Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sage sage vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-7388
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installation path, that information can ...
Sage Adxadmin
1 Github repository
1 Article
5.4
CVSSv3
CVE-2020-7390
Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings the "First Name," "Last Name," and "Email Address" fields of this web application component. Updates are available for on-premises...
Sage Syracuse
5.4
CVSSv3
CVE-2020-13893
Multiple stored cross-site scripting (XSS) vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated malicious users to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations (Best-fit Mapping), as demonstrated by the full-width variants o...
Sage Easypay 10.7.5.10
6.1
CVSSv3
CVE-2020-26583
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persisten...
Sagedpw Sage Dpw
6.1
CVSSv3
CVE-2020-26584
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. The search field "Kurs suchen" on the page Kurskatalog is vulnerable to Reflected XSS. If the attacker can lure a user into clicking a crafted link, he can execute arbitrary JavaScript code in the user's b...
Sagedpw Sage Dpw
NA
CVE-2001-1070
Sage Software MAS 200 allows remote malicious users to cause a denial of service by connecting to port 10000 and entering a series of control characters.
Sage Software Mas 200
8.8
CVSSv3
CVE-2017-3183
Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privile...
Sage Xrt Treasury 3.0
7.2
CVSSv3
CVE-2023-31867
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
Sage X3 12.14.0.50-0
5.4
CVSSv3
CVE-2023-31868
Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting (XSS). Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML...
Sage X3 12.14.0.50-0
NA
CVE-2013-6143
The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-001D3_P4 and C3413-500-001F0_PB allows remote malicious users to cause a denial of service (temporary outage and CPU consumption) via malformed DNP3 traffic.
Schneider-electric Telvent Sage 3030 Firmware C3413-500-001d3 P4
Schneider-electric Telvent Sage 3030 Firmware C3413-500-001f0 Pb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »