CVE-2024-48646

An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the...

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

CVE-2024-48648

A Reflected Cross-Site Scripting XSS vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding...

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

CVE-2024-48648

A Reflected Cross-Site Scripting XSS vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding...

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

CVE-2024-48646

An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the...

CVE-2024-48648

A Reflected Cross-Site Scripting XSS vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding...

Datel Sage 1000 安全漏洞

Datel Sage 1000 is an application from Datel Corporation. A security vulnerability exists in Datel Sage 1000 version 7.0.0, which stems from the presence of a reflective cross-site scripting vulnerability that could allow an attacker to inject malicious script into a URL...

Datel Sage 1000 安全漏洞

Datel Sage 1000 is an application from Datel Corporation. A security vulnerability exists in Datel Sage 1000 version 7.0.0, which stems from the presence of a file disclosure vulnerability that allows a remote attacker to retrieve arbitrary files by manipulating URL parameters...

Datel Sage 1000 安全漏洞

Datel Sage 1000 is an application from Datel Corporation. A security vulnerability exists in Datel Sage 1000 version 7.0.0 that stems from the presence of an unrestricted file upload vulnerability that allows authorized users to upload files without proper authentication...

CVE-2024-48647

CVE-2024-48647 — Sage 1000 v7.0.0 : A Local File Disclosure vulnerability exists where an attacker can retrieve arbitrary files from the server by manipulating URL parameters. Public documentation confirms this impacts Sage 1000 version 7.0.0 and enables access to sensitive files such as configur...

CVE-2024-48646

Summary: CVE-2024-48646 concerns Sage 1000 v7.0.0 with an Unrestricted File Upload vulnerability. Authenticated users can upload files without proper validation (e.g., HTML, scripts, or other executable content), potentially enabling server compromise. CVSS 3.1 vector indicates Network attack, lo...

CVE-2024-48648

CVE-2024-48648 (Sage 1000 v7.0.0) is a Reflected Cross-Site Scripting (XSS) vulnerability where malicious input in a URL is reflected in the server response without proper sanitization. Affected product: Sage 1000, version 7.0.0. The connected sources confirm the vulnerability exists as described...

CVE-2024-48648

A Reflected Cross-Site Scripting XSS vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding...

CVE-2024-48646

An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the...

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

CVE-2024-48648

A Reflected Cross-Site Scripting XSS vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding...

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

CVE-2024-48646

An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the...