Auber R Maroneze

3 exploits Active since Jan 2025
CVE-2024-46479 WRITEUP CRITICAL WRITEUP
Venki Supravizio Bpm < 18.0.1 - Unrestricted File Upload
Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload a malicious file, leading to remote code execution.
CVSS 9.9
CVE-2024-46480 WRITEUP HIGH WRITEUP
Venki Supravizio Bpm < 18.0.1 - Insufficiently Protected Credentials
An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the underlying host system.
CVSS 8.4
CVE-2024-46481 WRITEUP HIGH WRITEUP
Venki Supravizio Bpm < 18.1.1 - Open Redirect
The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS.
CVSS 7.2