Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
progress moveit transfer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34362
In Progress MOVEit Transfer prior to 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated malicious user to gain a...
Progress Moveit Cloud
Progress Moveit Transfer
18 Github repositories
11 Articles
6.5
CVSSv2
CVE-2020-8611
In Progress MOVEit Transfer 2019.1 prior to 2019.1.4 and 2019.2 prior to 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated malicious user to gain unauthorized access to MOVEit Transfer's database via the REST A...
Progess Moveit Transfer
Progress Moveit Transfer
6
CVSSv2
CVE-2020-8612
In Progress MOVEit Transfer 2019.1 prior to 2019.1.4 and 2019.2 prior to 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated malicious user to execute arbitrary code in a victim's browser, aka XSS.
Progess Moveit Transfer
Progress Moveit Transfer
7.5
CVSSv2
CVE-2021-38159
In certain Progress MOVEit Transfer versions prior to 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote malicious user to gain access to the database. Depending on the database engine being used (MySQL, Microsoft SQL...
Progress Moveit Transfer
NA
CVE-2023-42656
In Progress MOVEit Transfer versions released prior to 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a reflected cross-site scripting (XSS) vulnerability has been identified in MOVEit Transfer's web interface. An attacker could craft a maliciou...
Progress Moveit Transfer
NA
CVE-2023-42660
In Progress MOVEit Transfer versions released prior to 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated malicious user to gain ...
Progress Moveit Transfer
NA
CVE-2024-0396
In Progress MOVEit Transfer versions released prior to 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue exists. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead ...
Progress Moveit Transfer
NA
CVE-2023-36932
In Progress MOVEit Transfer prior to 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an auth...
Progress Moveit Transfer
1 Article
NA
CVE-2023-36934
In Progress MOVEit Transfer prior to 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticate...
Progress Moveit Transfer
1 Article
NA
CVE-2023-36933
In Progress MOVEit Transfer prior to 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an malicious user to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Tr...
Progress Moveit Transfer
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »