📦 Arcgis Server
by Esri
🔍 What is Arcgis Server?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A critical SQL injection vulnerability in Esri ArcGIS Server feature services allows remote unauthenticated attackers to execute arbitrary SQL commands. This can lead to data theft, data manipulation,...
This SSRF vulnerability in ArcGIS Server Manager allows unauthenticated remote attackers to make arbitrary GET requests from the vulnerable system. This can lead to internal network scanning, data exf...
CVE-2020-35712 is a Server-Side Request Forgery (SSRF) vulnerability in Esri ArcGIS Server that allows attackers to make unauthorized requests from the server to internal or external systems. This aff...
A SQL injection vulnerability in ArcGIS Server allows authenticated users with advanced application-specific permissions to execute arbitrary SQL commands through EDIT operations. This affects ArcGIS ...
A local file inclusion vulnerability in ArcGIS Server 11.3 and earlier allows remote unauthenticated attackers to read sensitive configuration files by crafting malicious URLs. This exposes internal s...
An improper access control vulnerability in ArcGIS Server versions 11.3 and below allows authenticated attackers with low privileges to access secure services they shouldn't have permission to view. T...
A stored cross-site scripting (XSS) vulnerability in Esri ArcGIS Server allows remote unauthenticated attackers to upload malicious files that execute JavaScript in victims' browsers when accessed. Th...
A stored cross-site scripting (XSS) vulnerability in Esri ArcGIS Server allows remote unauthenticated attackers to upload malicious files that execute JavaScript in victims' browsers when accessed. Th...
A stored cross-site scripting (XSS) vulnerability in Esri ArcGIS Server allows remote unauthenticated attackers to upload malicious files that execute JavaScript in victims' browsers when accessed. Th...
A stored cross-site scripting vulnerability in Esri ArcGIS Server allows remote unauthenticated attackers to upload malicious files that execute in victims' browsers. This affects ArcGIS Server 11.4 a...
A stored cross-site scripting vulnerability in Esri ArcGIS Server allows attackers to upload malicious files that execute JavaScript in victims' browsers when accessed. This affects ArcGIS Server 11.4...
ArcGIS Server versions 11.5 and earlier on Windows and Linux contain a file upload vulnerability where remote attackers can upload arbitrary files. However, server-side controls prevent execution of u...
ArcGIS Server versions 11.5 and earlier on Windows and Linux contain a file upload vulnerability that allows remote attackers to upload arbitrary files. However, server-side controls prevent execution...
A stored cross-site scripting vulnerability in Esri ArcGIS Server allows attackers to upload malicious files that execute JavaScript in victims' browsers when accessed. This affects ArcGIS Server 11.4...
A stored cross-site scripting vulnerability in Esri ArcGIS Server allows remote unauthenticated attackers to upload malicious files that execute JavaScript in victims' browsers when accessed. This aff...
A path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below allows authenticated administrators to access files outside intended directories. This poses a high confidentiality risk as...
A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenticated users with publisher privileges to inject malicious JavaScript links. When victims click these...
A path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below allows remote authenticated attackers with admin privileges to access files outside intended directories, potentially expos...
A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenticated attackers with publisher privileges to inject malicious JavaScript into links. When victims cl...
A stored cross-site scripting (XSS) vulnerability in ArcGIS Server versions 11.3 and below allows authenticated attackers with publisher privileges to inject malicious JavaScript links. When victims c...
A stored cross-site scripting (XSS) vulnerability in ArcGIS Server versions 11.3 and below allows authenticated users with publisher privileges to inject malicious JavaScript into links. When victims ...
This stored XSS vulnerability in ArcGIS Server allows authenticated attackers with publisher privileges to inject malicious JavaScript into links. When victims click these crafted links, arbitrary cod...
A stored cross-site scripting (XSS) vulnerability in ArcGIS Server versions 11.3 and below allows authenticated attackers with publisher privileges to inject malicious JavaScript into crafted links. W...
A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenticated attackers with publisher privileges to inject malicious JavaScript links. When victims click t...
A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenticated attackers with publisher privileges to inject malicious JavaScript links. When victims click t...