Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
martin heiland vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv3
CVE-2016-4027
An issue exists in Open-Xchange OX App Suite prior to 7.8.1-rev10. App Suite frontend offers to control whether a user wants to store cookies that exceed the session duration. This functionality is useful when logging in from clients with reduced privileges or shared environments...
Open-xchange Open-xchange Appsuite
4.3
CVSSv3
CVE-2016-4047
An issue exists in Open-Xchange OX App Suite prior to 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a resul...
Open-xchange Open-xchange Appsuite
NA
CVE-2014-7871
SQL injection vulnerability in Open-Xchange (OX) AppSuite prior to 7.4.2-rev36 and 7.6.x prior to 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.
Open-xchange Open-xchange Appsuite 7.6.0
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-9426
OX Guard 2.10.3 and previous versions allows XSS.
Open-xchange Ox Guard 2.10.3
6.1
CVSSv3
CVE-2016-5124
An issue exists in Open-Xchange OX App Suite prior to 7.8.1-rev14. Adding images from external sources to HTML editors by drag&drop can potentially lead to script code execution in the context of the active user. To exploit this, a user needs to be tricked to use an image fro...
Open-xchange Open-xchange Appsuite
7.5
CVSSv3
CVE-2019-7159
OX App Suite 7.10.1 and previous versions allows Information Exposure.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-44213
OX App Suite up to and including 7.10.5 allows XSS via uuencoding in a multipart/alternative message.
Open-xchange Ox App Suite
6.1
CVSSv3
CVE-2022-37307
OX App Suite up to and including 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
6.1
CVSSv3
CVE-2022-37309
OX App Suite up to and including 7.10.6 allows XSS via script code within a contact that has an e-mail address but lacks a name.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
6.1
CVSSv3
CVE-2022-37310
OX App Suite up to and including 7.10.6 allows XSS via a malicious capability to the metrics or help module, as demonstrated by a /#!!&app=io.ox/files&cap= URI.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »