Vulnerabilities > Spaceapplications

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-20	CVE-2023-46470	Cross-site Scripting vulnerability in Spaceapplications Yacms 5.8.6 Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser. network low complexity spaceapplications CWE-79	5.4
2023-11-20	CVE-2023-46471	Cross-site Scripting vulnerability in Spaceapplications Yacms 5.8.6 Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via the text variable scriptContainer of the ScriptViewer. network low complexity spaceapplications CWE-79	5.4
2023-11-20	CVE-2023-47311	Improper Restriction of Rendered UI Layers or Frames vulnerability in Spaceapplications Yacms 5.8.6 An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking. network low complexity spaceapplications CWE-1021	6.1
2023-10-19	CVE-2023-45279	Cross-site Scripting vulnerability in Spaceapplications Yamcs 5.8.6 Yamcs 5.8.6 allows XSS (issue 1 of 2). network low complexity spaceapplications CWE-79	5.4
2023-10-19	CVE-2023-45280	Cross-site Scripting vulnerability in Spaceapplications Yamcs 5.8.6 Yamcs 5.8.6 allows XSS (issue 2 of 2). network low complexity spaceapplications CWE-79	5.4
2023-10-19	CVE-2023-45277	Path Traversal vulnerability in Spaceapplications Yamcs 5.8.6 Yamcs 5.8.6 is vulnerable to directory traversal (issue 1 of 2). network low complexity spaceapplications CWE-22	7.5
2023-10-19	CVE-2023-45278	Path Traversal vulnerability in Spaceapplications Yamcs 5.8.6 Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request. network low complexity spaceapplications CWE-22 critical	9.1
2023-10-19	CVE-2023-45281	Cross-site Scripting vulnerability in Spaceapplications Yamcs 5.8.6 An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file. network low complexity spaceapplications CWE-79	6.1

Vulnerabilities > Spaceapplications {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Spaceapplications"}]}

Vulnerabilities > Spaceapplications