Agilepoint: Security Vulnerabilities
AgilePoint NX v8.0 SU2.2 & SU2.3 – Arbitrary File Delete Vulnerability allows arbitrary file deletion, by an unspecified request.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-05-08
AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-05-08
AgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload - Vulnerability allows insecure file upload, by an unspecified request.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-05-08
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the parameter: EncodedData
CVSS Score
5.9
EPSS Score
0.003
Published
2022-07-06