Vulnerabilities > Wolterskluwer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-25 | CVE-2023-49328 | Injection vulnerability in Wolterskluwer B.Point 23.70.00 On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module. | 7.2 |
2023-06-16 | CVE-2023-33438 | Cross-site Scripting vulnerability in Wolterskluwer Teammate+ 35.0.11.0 A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML. | 5.4 |
2022-06-06 | CVE-2021-41932 | SQL Injection vulnerability in Wolterskluwer Teammate+ Audit 28.0.19.0 A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc. | 6.5 |
2021-12-17 | CVE-2021-44035 | Unspecified vulnerability in Wolterskluwer Teammate Audit Management 12.4 Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files. network wolterskluwer | 6.8 |
2010-08-26 | CVE-2010-3125 | Unspecified vulnerability in Wolterskluwer Teammate Audit Management Software Suite 8.0 Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx file. | 9.3 |