42 matches found
CVE-2025-2488 XSS in Profelis Informatics' SambaBox
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS. This issue affects SambaBox: before 5.1...
CVE-2025-2488
CVE-2025-2488 affects SambaBox by Profelis Informatics. The vulnerability is an XSS due to improper neutralization of input during web page generation, impacting SambaBox versions before 5.1. Technical details across connected sources confirm the affected component (web page generation), root cau...
CVE-2025-2488 XSS in Profelis Informatics' SambaBox
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS. This issue affects SambaBox: before 5.1...
CVE-2025-2421 Remote Code Execution in Profelis Informatics' SambaBox
Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...
CVE-2025-2421 Remote Code Execution in Profelis Informatics' SambaBox
Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...
CVE-2025-2421
CVE-2025-2421 affects SambaBox (Profelis Informatics) prior to version 5.1. The root cause is improper control of code generation, enabling a code injection vulnerability. Multiple sources consistently describe impact as code injection with a high severity risk; CVSS metrics in the initial entry ...
SambaBox 跨站脚本漏洞
SambaBox is a Samba-based file sharing server solution from SambaBox, Inc. A cross-site scripting vulnerability exists in SambaBox versions prior to 5.1, which stems from improper input neutralization during web page generation and could lead to cross-site scripting...
PT-2025-18772
Name of the Vulnerable Software and Affected Versions SambaBox versions prior to 5.1 Description The issue affects SambaBox due to an improper control of generation of code, allowing code injection. Recommendations For versions prior to 5.1, update to version 5.1 or later to resolve the issue...
PT-2025-18773
Name of the Vulnerable Software and Affected Versions SambaBox versions prior to 5.1 Description The issue affects SambaBox, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. Recommendations For versions prior to 5.1, update to version 5.1 or...
SambaBox 代码注入漏洞
SambaBox is a Samba-based file sharing server solution from SambaBox, Inc. A code injection vulnerability exists in SambaBox versions prior to 5.1, which stems from improper code generation controls and could lead to code injection...
CVE-2022-25619
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...
CVE-2022-25620
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...
CVE-2022-25619
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...
CVE-2022-25619
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...
CVE-2022-25620
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...
Command injection
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...
CVE-2022-25619
CVE-2022-25619 : Affected product is Profelis IT Consultancy SambaBox (x86) version 4.0 and earlier. The root cause is improper neutralization in the ping utility, enabling an AUTHENTICATED user to execute arbitrary code via a command injection. The vulnerability is documented across sources (NVD...
CVE-2022-25619 Authenticated Command Injection to RCE
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...
CVE-2022-25620 Stored Cross-Site Scripting (XSS)
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...
CVE-2022-25620
CVE-2022-25620 describes a stored XSS vulnerability in the Groups feature of Profelis IT Consultancy SambaBox, allowing an authenticated user to execute arbitrary code on the vulnerable server due to improper neutralization of script-related HTML tags. Affected: SambaBox 4.0 and earlier on x86. R...