Softvibe Saraban vulnerabilities
4 known vulnerabilities affecting softvibe/saraban.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-38697P2CRITICALCVSS 9.8v1.12022-01-18
CVE-2021-38697 [CRITICAL] CWE-434 CVE-2021-38697: SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attacke
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
nvd
CVE-2021-38696P3HIGHCVSS 7.5v1.12022-01-18
CVE-2021-38696 [HIGH] CVE-2021-38696: SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
nvd
CVE-2021-38694P3HIGHCVSS 7.5v1.12022-01-18
CVE-2021-38694 [HIGH] CWE-89 CVE-2021-38694: SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.
nvd
CVE-2021-38695P4MEDIUMCVSS 5.4v1.12022-01-18
CVE-2021-38695 [MEDIUM] CWE-79 CVE-2021-38695: SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
nvd