Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moveit transfer vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-8611
In Progress MOVEit Transfer 2019.1 prior to 2019.1.4 and 2019.2 prior to 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated malicious user to gain unauthorized access to MOVEit Transfer's database via the REST A...
Progess Moveit Transfer
Progress Moveit Transfer
9
CVSSv3
CVE-2020-8612
In Progress MOVEit Transfer 2019.1 prior to 2019.1.4 and 2019.2 prior to 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated malicious user to execute arbitrary code in a victim's browser, aka XSS.
Progess Moveit Transfer
Progress Moveit Transfer
9.8
CVSSv3
CVE-2023-34362
In Progress MOVEit Transfer prior to 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated malicious user to gain a...
Progress Moveit Cloud
Progress Moveit Transfer
18 Github repositories
10 Articles
9.8
CVSSv3
CVE-2019-18464
In Progress MOVEit Transfer 10.2 prior to 10.2.6 (2018.3), 11.0 prior to 11.0.4 (2019.0.4), and 11.1 prior to 11.1.3 (2019.1.3), multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated malicious user to gain unauthorized access t...
Ipswitch Moveit Transfer
8.1
CVSSv3
CVE-2023-36932
In Progress MOVEit Transfer prior to 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an auth...
Progress Moveit Transfer
1 Article
6.1
CVSSv3
CVE-2023-6217
In Progress MOVEit Transfer versions released prior to 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a reflected cross-site scripting (XSS) vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer. An attacker could craft a m...
Progress Moveit Transfer
7.2
CVSSv3
CVE-2023-6218
In Progress MOVEit Transfer versions released prior to 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions...
Progress Moveit Transfer
8.8
CVSSv3
CVE-2021-31827
In Progress MOVEit Transfer prior to 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated malicious user to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being ...
Progress Moveit Transfer
7.5
CVSSv3
CVE-2023-36933
In Progress MOVEit Transfer prior to 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an malicious user to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Tr...
Progress Moveit Transfer
1 Article
9.1
CVSSv3
CVE-2023-36934
In Progress MOVEit Transfer prior to 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticate...
Progress Moveit Transfer
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »