Filtered by vendor Xpand-it
Subscriptions
Filtered by product Write-back Manager
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27172 | 1 Xpand-it | 1 Write-back Manager | 2024-11-21 | 9.1 Critical |
| Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack. | ||||
| CVE-2023-27170 | 1 Xpand-it | 1 Write-back Manager | 2024-11-21 | 7.5 High |
| Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter. | ||||
| CVE-2023-27169 | 1 Xpand-it | 1 Write-back Manager | 2024-11-21 | 6.5 Medium |
| Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation. | ||||
| CVE-2023-27168 | 1 Xpand-it | 1 Write-back Manager | 2024-11-21 | 9.8 Critical |
| An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file. | ||||
Page 1 of 1.