CVE-2025-68915

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbannerw.cgi XSS via a crafted banner...

CVE-2025-68914

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table...

CVE-2025-68916

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution...

CVE-2025-68914

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table...

CVE-2025-68914

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table...

CVE-2025-68915

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbannerw.cgi XSS via a crafted banner...

CVE-2025-68916

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution...

CVE-2025-68915

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbannerw.cgi XSS via a crafted banner...

CVE-2025-68916

Riello UPS NetMan 208 Application before 1.12 is affected by a directory traversal flaw in cgi-bin/certsupload.cgi that allows uploading files via the ../ sequence, enabling code execution. Concrete details across multiple sources confirm the vulnerable component and the root cause (certsupload.c...

CVE-2025-68916

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution...

CVE-2025-68915

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbannerw.cgi XSS via a crafted banner...

CVE-2025-68915

Riello UPS NetMan 208 Application prior to 1.12 is affected by a cross-site scripting (XSS) vulnerability in the CGI script cgi-bin/loginbanner_w.cgi, exploitable via a crafted banner. The issue arises from the loginbanner_w.cgi component and can lead to script execution within the context of the...

CVE-2025-68914

The CVE-2025-68914 entry describes a SQL injection in Riello UPS NetMan 208 Application before 1.12 via cgi-bin/login.cgi username, enabling manipulation such as deleting LOGINFAILEDTABLE. Affected product: Riello UPS NetMan 208 Application (versions

Riello UPS NetMan 208 安全漏洞

Riello UPS NetMan 208 is a network management card from Riello UPS, Italy. A security vulnerability exists in Riello UPS NetMan 208 versions prior to 1.12, which stems from the presence of directory traversal in cgi-bin/certsupload.cgi, which could lead to file uploads and code execution...

Riello UPS NetMan 208 SQL注入漏洞

Riello UPS NetMan 208 is a network management card from Riello UPS, Italy. A SQL injection vulnerability exists in Riello UPS NetMan 208 versions prior to 1.12, which originates from the presence of SQL injection in cgi-bin/login.cgi, which may result in table deletion...

PT-2025-53347

Name of the Vulnerable Software and Affected Versions Riello UPS NetMan 208 Application versions prior to 1.12 Description The software contains a directory traversal flaw in the cgi-bin/certsupload.cgi component. This allows for file upload outside the intended path, potentially leading to code...

Riello UPS NetMan 208 跨站脚本漏洞

Riello UPS NetMan 208 is a network management card from Riello UPS, Italy. A cross-site scripting vulnerability exists in Riello UPS NetMan 208 versions prior to 1.12, which stems from the presence of cross-site scripting in cgi-bin/loginbannerw.cgi, which could lead to the execution of malicious...

PT-2025-53346

Name of the Vulnerable Software and Affected Versions Riello UPS NetMan 208 Application versions prior to 1.12 Description The Riello UPS NetMan 208 Application, before version 1.12, contains a cross-site scripting XSS issue in the cgi-bin/loginbanner w.cgi component. This allows for the injectio...