Softvibe

softvibe

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-38697 1Softvibe 1Saraban Jun 17, 2026 Jan 18, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
CVE-2021-38696 1Softvibe 1Saraban Jun 17, 2026 Jan 18, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
CVE-2021-38695 1Softvibe 1Saraban Jun 17, 2026 Jan 18, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
CVE-2021-38694 1Softvibe 1Saraban Jun 17, 2026 Jan 18, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.