Portfolio

portfolio

Vendor: Extensis • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-24255 1Extensis 1Portfolio Jun 17, 2026 Mar 1, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
CVE-2022-24254 1Extensis 1Portfolio Jun 17, 2026 Mar 1, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
CVE-2022-24253 1Extensis 1Portfolio Jun 17, 2026 Mar 1, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
CVE-2022-24252 1Extensis 1Portfolio Jun 17, 2026 Mar 1, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
CVE-2022-24251 1Extensis 1Portfolio Jun 17, 2026 Mar 1, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.