cbcvebase.

Smartbear Soapui vulnerabilities

4 known vulnerabilities affecting smartbear/soapui.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3

Vulnerabilities

Page 1 of 1
CVE-2014-1202P2CRITICALCVSS 9.3PoC≤ 4.6.3v4.0+7 more2014-01-25
CVE-2014-1202 [CRITICAL] CWE-94 CVE-2014-1202: The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitra The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.
nvd
CVE-2024-7565P3HIGHCVSS 7.8v.5.7.0vSoapUI 5.7.02024-11-22
CVE-2024-7565 [HIGH] CWE-22 CVE-2024-7565: SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerab SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw ex
nvd
CVE-2017-16670P3HIGHCVSS 7.8v5.3.02018-02-19
CVE-2017-16670 [HIGH] CWE-94 CVE-2017-16670: The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java c The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.
nvd
CVE-2019-12180P3HIGHCVSS 7.8≤ 5.52020-02-05
CVE-2019-12180 [HIGH] CVE-2019-12180: An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When o An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the
nvd
Smartbear Soapui vulnerabilities | cvebase