Vulnerabilities > Softvibe

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-18	CVE-2021-38695	Cross-site Scripting vulnerability in Softvibe Saraban 1.1 SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. network low complexity softvibe CWE-79	5.4
2022-01-18	CVE-2021-38696	Unspecified vulnerability in Softvibe Saraban 1.1 SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. network low complexity softvibe	7.5
2022-01-18	CVE-2021-38697	Unrestricted Upload of File with Dangerous Type vulnerability in Softvibe Saraban 1.1 SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution. network low complexity softvibe CWE-434 critical	9.8
2022-01-18	CVE-2021-38694	SQL Injection vulnerability in Softvibe Saraban 1.1 SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. network low complexity softvibe CWE-89	7.5

Vulnerabilities > Softvibe {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Softvibe"}]}