📦

staging_module

Vendor: sitecore

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 6.09% Exploit Prob.

Latest CVE CVE-2009-4367 Dec 21

Security Vulnerability Index

Page 1 / 1

6.8 CVSS

CVE-2009-4367

Exploit Found

The Staging Webservice ("sitecore modules/staging/service/api.asmx") in Sitecore Staging Module 5.4.0 rev.080625 and earlier allows remote attackers to bypass authentication and (1) upload files, (2) download files, (3) list directories, and (4) clear the server cache via crafted SOAP requests with arbitrary Username and Password values, possibly related to a direct request.

EPSS: 6.09%

Severity: MEDIUM

Dec 21, 2009

Displaying 1 of 2 Total Entries

Total 1 Sections