RSS   Vulnerabilities for 'Axiom'   RSS

2019-04-03
 
CVE-2015-5463

CWE-285
 

 
AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of Service on global application, or (4) write/read/delete arbitrary files on server hosting the application.

 
 
CVE-2015-5462

CWE-74
 

 
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.

 
 
CVE-2015-5384

CWE-384
 

 
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.

 


Copyright 2019, cxsecurity.com

 

Back to Top