Shodan
Vulnerabilities
Vulnerable Software
M-Files:  Security Vulnerabilities
CVE-2023-5523
Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution
CVSS Score
8.6
EPSS Score
0.005
Published
2023-10-20
CVE-2023-5524
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types
CVSS Score
8.2
EPSS Score
0.009
Published
2023-10-20
CVE-2023-2325
Stored XSS Vulnerability in M-Files Classic Web versions before 23.10 and LTS Service Release Versions before 23.2 LTS SR4 and 23.8 LTS SR1allows attacker to execute script on users browser via stored HTML document.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-10-20
CVE-2023-3406
Path Traversal issue in M-Files Classic Web versions below 23.6.12695.3 and LTS Service Release Versions before 23.2 LTS SR3 allows authenticated user to read some restricted files on the web server
CVSS Score
7.7
EPSS Score
0.001
Published
2023-08-25
CVE-2023-3425
Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-08-25
CVE-2023-3405
Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of service
CVSS Score
7.5
EPSS Score
0.002
Published
2023-06-27
CVE-2023-2480
Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-25
CVE-2023-2112
Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0.
CVSS Score
3.6
EPSS Score
0.0
Published
2023-04-20
CVE-2023-0383
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-20
CVE-2023-0384
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved