Skip to main content

Web Module

2 CVEs product

Monthly

CVE-2019-12163 MEDIUM POC This Month

GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Web Module
NVD
CVSS 3.1
5.3
EPSS
2.8%
CVE-2019-11028 HIGH This Week

GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Web Module
NVD VulDB
CVSS 3.0
8.8
EPSS
2.8%
EPSS 3% CVSS 5.3
MEDIUM POC This Month

GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Web Module
NVD
EPSS 3% CVSS 8.8
HIGH This Week

GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Web Module
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy