Vulnerabilities > Axiomsl

DATE CVE VULNERABILITY TITLE RISK
2019-04-03 CVE-2015-5462 Injection vulnerability in Axiomsl Axiom 9.5.3
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.
network
low complexity
axiomsl CWE-74
6.1
2019-04-03 CVE-2015-5384 Session Fixation vulnerability in Axiomsl Axiom 9.5.3
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.
network
low complexity
axiomsl CWE-384
8.8
2019-04-03 CVE-2015-5463 Improper Authorization vulnerability in Axiomsl Axiom 9.5.3
AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of Service on global application, or (4) write/read/delete arbitrary files on server hosting the application.
network
low complexity
axiomsl CWE-285
critical
9.8