|
266191
|
7.2 |
HIGH
Network
|
pivotal_software
|
greenplum
|
An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using GPHDFS protocol has a vulnerability whereby arbitrary commands can be injected into the system. In orde…
|
CWE-77
Command Injection
|
CVE-2016-6656
|
2024-11-21 11:56 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266192
|
6.1 |
MEDIUM
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script cod…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6854
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266193
|
4.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file ex…
|
CWE-200
Information Exposure
|
CVE-2016-6852
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266194
|
5.5 |
MEDIUM
Local
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client ("Reflected File Download"). Malicious…
|
CWE-254
7PK - Security Features
|
CVE-2016-6848
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266195
|
6.1 |
MEDIUM
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on …
|
CWE-79
Cross-site Scripting
|
CVE-2016-6853
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266196
|
6.1 |
MEDIUM
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code can be provided as parameter to the OX Guard guest reader web application. This allows cross-site scripting attacks aga…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6851
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266197
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. SVG files can be used as profile pictures. In case their XML structure contains iframes and script code, that code may get exec…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6850
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266198
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. SVG files can be used as mp3 album covers. In case their XML structure contains script code, that code may get executed when ca…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6847
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266199
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. Th…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6845
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266200
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within SVG files is maintained when opening such files "in browser" based on our Mail or Drive app. In case of "a" …
|
CWE-79
Cross-site Scripting
|
CVE-2016-6844
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
