Lucene search
K

42 matches found

Cvelist
Cvelist
added 2025/05/02 11:30 a.m.14 views

CVE-2025-2488 XSS in Profelis Informatics' SambaBox

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS. This issue affects SambaBox: before 5.1...

6.1CVSS0.00255EPSS
Exploits0References3
CVE
CVE
added 2025/05/02 11:30 a.m.62 views

CVE-2025-2488

CVE-2025-2488 affects SambaBox by Profelis Informatics. The vulnerability is an XSS due to improper neutralization of input during web page generation, impacting SambaBox versions before 5.1. Technical details across connected sources confirm the affected component (web page generation), root cau...

6.1CVSS5.4AI score0.00255EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/02 11:30 a.m.5 views

CVE-2025-2488 XSS in Profelis Informatics' SambaBox

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS. This issue affects SambaBox: before 5.1...

6.1CVSS5.4AI score0.00255EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/02 11:27 a.m.8 views

CVE-2025-2421 Remote Code Execution in Profelis Informatics' SambaBox

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS5.5AI score0.00504EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/02 11:27 a.m.23 views

CVE-2025-2421 Remote Code Execution in Profelis Informatics' SambaBox

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS0.00504EPSS
Exploits0References3
CVE
CVE
added 2025/05/02 11:27 a.m.57 views

CVE-2025-2421

CVE-2025-2421 affects SambaBox (Profelis Informatics) prior to version 5.1. The root cause is improper control of code generation, enabling a code injection vulnerability. Multiple sources consistently describe impact as code injection with a high severity risk; CVSS metrics in the initial entry ...

9.8CVSS5.4AI score0.00504EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/05/02 12:0 a.m.6 views

SambaBox 跨站脚本漏洞

SambaBox is a Samba-based file sharing server solution from SambaBox, Inc. A cross-site scripting vulnerability exists in SambaBox versions prior to 5.1, which stems from improper input neutralization during web page generation and could lead to cross-site scripting...

6.1CVSS5.8AI score0.00255EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.10 views

PT-2025-18772

Name of the Vulnerable Software and Affected Versions SambaBox versions prior to 5.1 Description The issue affects SambaBox due to an improper control of generation of code, allowing code injection. Recommendations For versions prior to 5.1, update to version 5.1 or later to resolve the issue...

9.8CVSS5.5AI score0.00504EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.5 views

PT-2025-18773

Name of the Vulnerable Software and Affected Versions SambaBox versions prior to 5.1 Description The issue affects SambaBox, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. Recommendations For versions prior to 5.1, update to version 5.1 or...

6.1CVSS5.4AI score0.00255EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/05/02 12:0 a.m.7 views

SambaBox 代码注入漏洞

SambaBox is a Samba-based file sharing server solution from SambaBox, Inc. A code injection vulnerability exists in SambaBox versions prior to 5.1, which stems from improper code generation controls and could lead to code injection...

9.8CVSS7.3AI score0.00504EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/03/30 3:15 p.m.1 views

CVE-2022-25619

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

6.7CVSS5.7AI score0.00321EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/03/30 3:15 p.m.2 views

CVE-2022-25620

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

9CVSS5.8AI score0.00417EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/03/30 3:15 p.m.3 views

CVE-2022-25619

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

6.7CVSS5.9AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 3:15 p.m.26 views

CVE-2022-25619

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

6.7CVSS0.00321EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 3:15 p.m.22 views

CVE-2022-25620

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

9CVSS0.00417EPSS
Exploits0References1
Prion
Prion
added 2022/03/30 3:15 p.m.15 views

Command injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

4.6CVSS6.6AI score0.00321EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/30 2:55 p.m.80 views

CVE-2022-25619

CVE-2022-25619 : Affected product is Profelis IT Consultancy SambaBox (x86) version 4.0 and earlier. The root cause is improper neutralization in the ping utility, enabling an AUTHENTICATED user to execute arbitrary code via a command injection. The vulnerability is documented across sources (NVD...

6.7CVSS5.5AI score0.00321EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/30 2:55 p.m.22 views

CVE-2022-25619 Authenticated Command Injection to RCE

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

3.8CVSS6.8AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/30 2:55 p.m.25 views

CVE-2022-25620 Stored Cross-Site Scripting (XSS)

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

3.8CVSS9.3AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2022/03/30 2:55 p.m.73 views

CVE-2022-25620

CVE-2022-25620 describes a stored XSS vulnerability in the Groups feature of Profelis IT Consultancy SambaBox, allowing an authenticated user to execute arbitrary code on the vulnerable server due to improper neutralization of script-related HTML tags. Affected: SambaBox 4.0 and earlier on x86. R...

9CVSS7.1AI score0.00417EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder