Vulnerabilities > Axway

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-26	CVE-2019-14277	XML Injection (aka Blind XPath Injection) vulnerability in Axway Securetransport Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. network low complexity axway CWE-91 critical	9.8
2019-04-03	CVE-2015-5606	Improper Input Validation vulnerability in Axway Vordel XML Gateway 7.2.2 Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service via a specially crafted request. network low complexity axway CWE-20	7.5
2019-01-21	CVE-2019-6500	Path Traversal vulnerability in Axway File Tranfer Direct 2.7.1 In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring. network low complexity axway CWE-22	7.5

Vulnerabilities > Axway {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Axway"}]}