Filtered by vendor Kovai
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-59710 | 1 Kovai | 1 Biztalk360 | 2026-04-09 | N/A | 8.8 HIGH |
| An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the server. | |||||
| CVE-2025-59709 | 1 Kovai | 1 Biztalk360 | 2026-04-09 | N/A | 6.8 MEDIUM |
| An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal. | |||||
| CVE-2025-59711 | 1 Kovai | 1 Biztalk360 | 2026-04-09 | N/A | 8.3 HIGH |
| An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination directory and/or coerce an authentication from the service, aka Directory Traversal. | |||||