SEC Consult Vulnerability Lab Security Advisory < 20191202-0 >
===
title: Multiple Critical Vulnerabilities
product: SALTO ProAccess SPACE
vulnerable version: <= v5.5
fixed version
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/NAPC-XINET-ELEGANT-6-ASSET-LIBRARY-WEB-INTERFACE-PRE-AUTH-SQL-INJECTION.txt
[+] ISR: ApparitionSec
[Vendor]
www.napc.com
[Product]
Xinet Elegant 6 Asset Library
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-EXCEL-2016-v1901-IMPORT-ERROR-EXTERNAL-ENTITY-INJECTION.txt
[+] ISR: ApparitionSec
[Vendor]
www.microsoft.com
[Product]
Excel
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MAX-SECURE-PLUS-ANTIVIRUS-INSECURE-PERMISSIONS.txt
[+] ISR: ApparitionSec
[Vendor]
www.maxpcsecure.com
[Affected Product Code Base]
Max