Aggregates CVE and security vulnerability intelligence across all axiomsl-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling, vendor risk denial of service, and vendor risk sql injection, with potential vendor impact file overwrite across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-5462 | AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features. | [email protected] | 6.1 | 1.03% | 2019-04-03 | 2026-06-16 |
| CVE-2015-5384 | AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack. | [email protected] | 8.8 | 1.33% | 2019-04-03 | 2026-06-16 |
| CVE-2015-5463 | AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of Service on global application, or (4) write/read/delete arbitrary files on server hosting the application. | [email protected] | 9.8 | 2.03% | 2019-04-03 | 2026-06-16 |