6.6
CVE-2024-3788 - Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through License (/admin/CDPUsers). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
6.6
CVE-2024-3787 - Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 disks (/admin/DeviceS3). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
6.6
CVE-2024-3786 - Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
6.6
CVE-2024-3785 - Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
6.6
CVE-2024-3784 - Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
7.7
CVE-2024-3783 - Path Traversal vulnerability in WBSAirback
The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system.
8.8
CVE-2024-3782 - Cross-Site Request Forgery (CSRF) vulnerability in WBSAirback
Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions once it is executed by a privileged user.
9.1
CVE-2024-3781 - OS Command Injection vulnerability in WBSAirback
Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04.
6
CVE-2024-24898 - Information Leakage in kernel
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in openEuler kernel on Linux allows Resource Leak Exposure. This vulnerability is associated with program files https://gitee.Com/openeuler/kernel/blob/openEuler-1.0-LTS/drivers/staging/gmjstcm/tcm.C. This issue affects kerneβ¦
6
CVE-2024-24891 - Information Leakage in kernel
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in openEuler kernel on Linux allows Resource Leak Exposure. This vulnerability is associated with program files https://gitee.Com/openeuler/kernel/blob/openEuler-1.0-LTS/drivers/staging/gmjstcm/tcm.C. This issue affects kerneβ¦