Filtered by vendor Wolterskluwer
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49328 | 2 Linux, Wolterskluwer | 2 Linux Kernel, B.point | 2024-01-03 | N/A | 7.2 HIGH |
| On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module. | |||||
| CVE-2023-33438 | 1 Wolterskluwer | 1 Teammate\+ | 2023-12-10 | N/A | 5.4 MEDIUM |
| A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2021-41932 | 1 Wolterskluwer | 1 Teammate\+ Audit | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc. | |||||
| CVE-2021-44035 | 1 Wolterskluwer | 1 Teammate Audit Management | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files. | |||||
| CVE-2010-3125 | 1 Wolterskluwer | 1 Teammate Audit Management Software Suite | 2023-12-10 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx file. | |||||