Ahsay Cloud Backup Suite — known CVE vulnerabilities
Every CVE whose affected-product data names Ahsay Cloud Backup Suite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2020-5846 — CVSS 8.8 (high): An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.3.0.30 via a "PUT /obs/obm7/file/upload"…
CVE-2019-10267 — CVSS 8.8 (high): An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into…
CVE-2019-10266 — CVSS 7.5 (high): An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to…
CVE-2019-10265 — CVSS 7.5 (high): An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is…
CVE-2019-10264 — CVSS 7.2 (high): An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator account, the "Move / Import / Export Users"…
CVE-2022-37027 — CVSS 7.2 (high): Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. Administrators that can modify the Runtime…
CVE-2019-10263 — CVSS 6.1 (medium): An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the…