CVE-2025-70420

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements...

EUVD-2025-209547

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements...

CVE-2025-70420

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements...

CVE-2025-70420

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements...

Genesys Latitude 安全漏洞

Genesys Latitude is a debt collection and account management platform developed by Genesys Corporation. Version 25.1.0.420 of Genesys Latitude contains a security vulnerability. This vulnerability arises from the direct concatenation of user input into SQL statements without proper cleaning, whic...

PT-2026-34066

Name of the Vulnerable Software and Affected Versions Genesys Latitude version 25.1.0.420 Description An issue exists where unsanitized user-supplied input is concatenated directly into SQL statements. This allows an authenticated attacker to execute arbitrary SQL queries against the backend...

CVE-2025-70420

Summary: CVE-2025-70420 affects Genesys Latitude v25.1.0.420 and is caused by unsanitized user input concatenated into SQL statements, allowing an authenticated attacker to execute arbitrary SQL against the backend database. Impact/details present: authenticated remote access with low privileges ...

CVE-2025-70420

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements...

CVE-2025-70420

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements...

CVE-2023-29930

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page...

CVE-2022-37775

Genesys PureConnect Interaction Web Tools Chat Service up to at least 26- September- 2019 allows XSS within the Printable Chat History via the participant - name JSON POST parameter...

EUVD-2021-13574

Malware in sbrugna...

EUVD-2019-7610

Malware in sbrugna...

EUVD-2023-27308

Malicious code in bioql PyPI...

EUVD-2021-28017

Malicious code in bioql PyPI...

EUVD-2021-28016

Malicious code in bioql PyPI...

EUVD-2022-40385

Malicious code in bioql PyPI...

MAL-2025-41843 Malicious code in @espace-client-axafr/chat-genesys-auth (npm)

The package communicates with a domain associated with malicious activity...

cloud.genesys:web-messaging-sdk (>=3.0.0 <=5.0.0), cn.acooly:acooly-auth-wechat-authenticator (=5.2.1) +557 more potentially affected by CVE-2025-5878 via org.owasp.esapi:esapi (>=2.0GA <=2.6.2.0)

org.owasp.esapi:esapi MAVEN version =2.0GA, =3.0.0, =5.0.0 - cn.acooly:acooly-auth-wechat-authenticator =5.2.1 - cn.dceast.platform:platform-security-starter =2.2.3 - com.acooly:acooly-component-account =5.2.1 - com.acooly:acooly-component-app =5.2.1 - com.acooly:acooly-component-assetmgmt =5.2.1...

CVE-2023-23208

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...