RSS   Vulnerabilities for 'Web module'   RSS

2019-05-17
 
CVE-2019-12163

CWE-200
 

 
GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.

 
2019-04-09
 
CVE-2019-11028

CWE-434
 

 
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx".

 


Copyright 2024, cxsecurity.com

 

Back to Top