|
209071
|
5.3 |
MEDIUM
Network
|
tangro
|
business_workflow
|
In tangro Business Workflow before 1.18.1, knowing an attachment ID, it is possible to download workitem attachments without being authenticated.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-26178
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209072
|
4.3 |
MEDIUM
Network
|
tangro
|
business_workflow
|
In tangro Business Workflow before 1.18.1, a user's profile contains some items that are greyed out and thus are not intended to be edited by regular users. However, this restriction is only applied …
|
CWE-669
Incorrect Resource Transfer Between Spheres
|
CVE-2020-26177
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209073
|
4.3 |
MEDIUM
Network
|
tangro
|
business_workflow
|
An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control checks exist on the /api/document/<DocumentID>/attachments API endpoint. Knowing a document ID, an att…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-26176
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209074
|
6.5 |
MEDIUM
Network
|
tangro
|
business_workflow
|
In tangro Business Workflow before 1.18.1, an attacker can manipulate the value of PERSON in requests to /api/profile in order to change profile information of other users.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-26175
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209075
|
8.8 |
HIGH
Network
|
tangro
|
business_workflow
|
tangro Business Workflow before 1.18.1 requests a list of allowed filetypes from the server and restricts uploads to the filetypes contained in this list. However, this restriction is enforced in the…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26174
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209076
|
4.3 |
MEDIUM
Network
|
tangro
|
business_workflow
|
An incorrect access control implementation in Tangro Business Workflow before 1.18.1 allows an attacker to download documents (PDF) by providing a valid document ID and token. No further authenticati…
|
CWE-306
CWE-639
Missing Authentication for Critical Function
Authorization Bypass Through User-Controlled Key
|
CVE-2020-26173
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209077
|
6.5 |
MEDIUM
Network
|
tangro
|
business_workflow
|
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows an attacker to reuse the token when a session is active. The JWT token does not contain an expiration …
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2020-26172
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209078
|
4.3 |
MEDIUM
Network
|
tangro
|
business_workflow
|
In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document/attachments/upload can be manipulated. By doing this, users can add attachments to workitems that do n…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-26171
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209079
|
9.8 |
CRITICAL
Network
|
fleetdm
|
fleet
|
Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted d…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-26276
|
2024-11-21 14:19 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209080
|
8.8 |
HIGH
Network
|
systeminformation
|
systeminformation
|
In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix.
|
CWE-78
OS Command
|
CVE-2020-26274
|
2024-11-21 14:19 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
