Lucene search
K

4 matches found

NVD
NVD
added 2023/01/27 10:15 p.m.20 views

CVE-2022-39813

Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/jsecuritycheck via the jusername parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The...

6.1CVSS6AI score0.0047EPSS
Exploits1References1
NVD
NVD
added 2023/01/27 10:15 p.m.21 views

CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request not possible using the GUI to an arbitrary directory. Because th...

7.5CVSS7.4AI score0.00961EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.4 views

Italtel NetMatch-S CI 跨站脚本漏洞

Italtel NetMatch-S CI is Italtel's first "In-Cloud" SBC designed for deployment in data center/cloud environments in accordance with emerging IT practices and telecom specifications NFV. A security vulnerability exists in Italtel NetMatch-S CI version 5.2.0-20211008, which stems from the presence...

6.1CVSS6.4AI score0.0047EPSS
Exploits1References2
CVE
CVE
added 2023/01/27 12:0 a.m.54 views

CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 is affected by an Absolute Path Traversal vulnerability in NMSCI-WebGui/SaveFileUploader. An unauthenticated attacker can upload files to an arbitrary path by changing the uploadDir parameter in a POST request (GUI cannot do this), potentially leading to unaut...

7.5CVSS7.3AI score0.00961EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder