Efstechnology

Autoform Pdm Archive

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6

CVE-2012-3347

  • EPSS 1.13%
  • Veröffentlicht 13.06.2012 19:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitra...

6.5

CVE-2012-1827

  • EPSS 1.18%
  • Veröffentlicht 13.06.2012 19:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The web service in AutoFORM PDM Archive before 7.1 does not have authorization requirements, which allows remote authenticated users to perform database operations via a SOAP request, as demonstrated by the initializeQueryDatabase2 request.

6.5

CVE-2012-1828

  • EPSS 1.18%
  • Veröffentlicht 13.06.2012 19:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The administrative functions in AutoFORM PDM Archive before 7.1 do not have authorization requirements, which allows remote authenticated users to perform administrative actions by leveraging knowledge of a hidden function, as demonstrated by the pas...

3.5

CVE-2012-1829

  • EPSS 1.65%
  • Veröffentlicht 13.06.2012 19:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM Archive before 6.920 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields.