cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-26217,https://securityvulnerability.io/vulnerability/CVE-2023-26217,TIBCO EBX Add-ons SQL Injection Vulnerability,"The Data Exchange Add-on component of TIBCO EBX Add-ons is vulnerable to SQL injection, allowing low privileged users with import permissions and network access to execute arbitrary SQL commands on the server. This poses a significant security risk, as unauthorized SQL execution can lead to data breaches, data manipulation, and potential system compromise for the affected versions.",Tibco,Tibco Ebx Add-ons,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-07-19T21:15:00.000Z,0
CVE-2023-26215,https://securityvulnerability.io/vulnerability/CVE-2023-26215,TIBCO EBX® Add-ons Path Traversal,"The server component of TIBCO EBX Add-ons by TIBCO Software Inc. contains a weakness that enables attackers with minimal application privileges to access and read sensitive system files that are within the reach of the web server. This vulnerability affects versions 4.5.16 and earlier, posing a risk of unauthorized information disclosure, which could lead to further exploitation if sensitive data is disclosed.",Tibco,Tibco Ebx Add-ons,6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-05-25T19:15:00.000Z,0
CVE-2023-26216,https://securityvulnerability.io/vulnerability/CVE-2023-26216,TIBCO EBX Add-ons Arbitrary File Write,"The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons is affected by a file upload vulnerability, permitting unauthorized attackers to upload files to a directory that is accessible by the web server. This flaw is present in TIBCO EBX Add-ons versions 4.5.16 and earlier, allowing for potential exploitation that can lead to more severe security incidents.",Tibco,Tibco Ebx Add-ons,9.1,CRITICAL,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-05-25T19:15:00.000Z,0
CVE-2022-41566,https://securityvulnerability.io/vulnerability/CVE-2022-41566,TIBCO EBX Add-ons Cross Site Scripting (XSS) Vulnerability,"The server component of TIBCO EBX Add-ons has a vulnerability that enables low privileged attackers with network access to execute stored Cross-Site Scripting (XSS) attacks on the vulnerable system. This flaw is particularly concerning in versions 5.6.0 and earlier, as it allows for unauthorized script execution, potentially compromising user data and overall system integrity. Mitigation involves updating to patched versions and implementing stringent security measures to prevent exploitation.",Tibco,Tibco Ebx Add-ons,8.7,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-02-22T00:00:00.000Z,0
CVE-2022-30578,https://securityvulnerability.io/vulnerability/CVE-2022-30578,TIBCO EBX Add-ons Stored XSS vulnerability,The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 5.4.1 and below.,Tibco,Tibco Ebx Add-ons,8,HIGH,0.00203000009059906,false,,false,false,false,,,false,false,,2022-09-21T00:00:00.000Z,0
CVE-2022-22769,https://securityvulnerability.io/vulnerability/CVE-2022-22769,TIBCO EBX vulnerabilities,"The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.124 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, 5.9.14, and 5.9.15, TIBCO EBX: versions 6.0.0, 6.0.1, 6.0.2, and 6.0.3, TIBCO EBX Add-ons: versions 3.20.18 and below, TIBCO EBX Add-ons: versions 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, and 4.5.6, TIBCO EBX Add-ons: versions 5.0.0, 5.0.1, 5.1.0, 5.1.1, and 5.2.0, and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.1.0 and below.",Tibco,"Tibco Ebx,Tibco Ebx Add-ons,Tibco Product And Service Catalog Powered By Tibco Ebx",8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-01-19T00:00:00.000Z,0
CVE-2020-27148,https://securityvulnerability.io/vulnerability/CVE-2020-27148,TIBCO EBX EXML External Entity,"The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX Insight Add-on components of TIBCO Software Inc.'s TIBCO EBX Add-ons contain a vulnerability that theoretically allows a low privileged attacker with network access to execute an XML External Entity (XXE) attack. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.4.2 and below.",Tibco,Tibco Ebx Add-ons,7.1,HIGH,0.001449999981559813,false,,false,false,false,,,false,false,,2021-01-12T00:00:00.000Z,0
CVE-2019-17331,https://securityvulnerability.io/vulnerability/CVE-2019-17331,TIBCO EBX Add-on For Data Exchange Cross-Site Scripting Vulnerabilities,"The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0.",Tibco,Tibco Ebx Add-ons,7.3,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2019-11-12T00:00:00.000Z,0
CVE-2019-17332,https://securityvulnerability.io/vulnerability/CVE-2019-17332,TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities,"The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.",Tibco,Tibco Ebx Add-ons,7.3,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2019-11-12T00:00:00.000Z,0