CVE-2024-41511

A Path Traversal Local File Inclusion vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter...

CVE-2024-41512

A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter...

CVE-2024-41514

A reflected cross-site scripting XSS vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter...

CVE-2024-41515

A reflected cross-site scripting XSS vulnerability in "ccHandlerResource.ashx" in CADClick = 1.11.0 allows remote attackers to inject arbitrary web script or HTML via the "resurl" parameter...

CVE-2024-41516

A Reflected cross-site scripting XSS vulnerability in "ccHandler.aspx" CADClick = 1.11.0 allows remote attackers to inject arbitrary web script or HTML via the "bomid" parameter...

CVE-2024-41511

A Path Traversal Local File Inclusion vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter...

CVE-2024-41513

A reflected cross-site scripting XSS vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter...

CVE-2024-41515

A reflected cross-site scripting XSS vulnerability in "ccHandlerResource.ashx" in CADClick = 1.11.0 allows remote attackers to inject arbitrary web script or HTML via the "resurl" parameter...

CVE-2024-41511

A Path Traversal Local File Inclusion vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter...

CADClick 安全漏洞

CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and prior versions that stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability...

CVE-2024-41513

A reflected cross-site scripting XSS vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter...

PT-2024-29429 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A Path Traversal Local File Inclusion issue in "BinaryFileRedirector.ashx" allows remote attackers to retrieve arbitrary local files via the path parameter. This enables access to sensitive...

CVE-2024-41514

A reflected cross-site scripting XSS vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter...

CVE-2024-41512

A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter...

PT-2024-29432 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A reflected cross-site scripting XSS vulnerability in "PrevPgGroup.aspx" allows remote attackers to inject arbitrary web script or HTML via the wer parameter. This flaw lets remote attackers...

PT-2024-29430 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A SQL Injection issue in "ccHandler.aspx" allows remote attackers to execute arbitrary SQL commands via the bomid parameter. This enables attackers to potentially access or manipulate sensitiv...

CADClick 安全漏洞

CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and earlier versions that stems from the presence of a Reflective Cross-Site Scripting XSS vulnerabilit...

CVE-2024-41511

CADClick v1.11.0 and earlier is affected by a Path Traversal (Local File Inclusion) vulnerability in BinaryFileRedirector.ashx, allowing an attacker to retrieve arbitrary local files via the path parameter. Affected component: BinaryFileRedirector.ashx in CADClick. Root cause: improper validation...

CADClick 安全漏洞

CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and earlier versions that stems from the presence of a SQL injection vulnerability that allows remote...

CVE-2024-41514

A reflected cross-site scripting XSS vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter...