📦 Agiloft

Agiloft Release 28 contains default credential accounts that could allow attackers to escalate privileges locally. The password hash is known and crackable offline, potentially granting unauthorized a...

Agiloft Release 28 contains an XML External Entities (XXE) vulnerability in import/export functionality that allows authenticated attackers to perform path traversal and read local system files. This ...

Agiloft Release 28 contains a template injection vulnerability in its EUI template engine that allows authenticated attackers to execute arbitrary code remotely. This affects all users running Agiloft...