Skip to main content

Boolebox

2 CVEs product

Monthly

CVE-2020-13247 HIGH POC This Week

BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Boolebox
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2020-13248 MEDIUM POC This Month

BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Boolebox
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 7.3
HIGH POC This Week

BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Boolebox
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Boolebox
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy