CVE-2023-37777

A SQL injection vulnerability exists in Synnefo Internet Management Software IMS version 2023 and earlier. This vulnerability occurs due to improper input validation in a specific API endpoint parameter allowing an attacker to manipulate SQL queries via crafted input. Successful exploitation coul...

PT-2025-1435 · Unknown · Synnefo Internet Management

Name of the Vulnerable Software and Affected Versions: Synnefo Internet Management Software versions 2023 and earlier Description: A SQL injection issue exists due to improper input validation in a specific API endpoint parameter, allowing an attacker to manipulate SQL queries via crafted input...

Synnefo Internet Management Software 安全漏洞

Synnefo Internet Management Software SynnefoIMS is an Internet management software from Synnefo, Inc. A security vulnerability exists in Synnefo Internet Management Software version 2023 and prior releases that stems from the presence of a SQL injection vulnerability...

CVE-2023-37777

A SQL injection vulnerability exists in Synnefo Internet Management Software IMS version 2023 and earlier. This vulnerability occurs due to improper input validation in a specific API endpoint parameter allowing an attacker to manipulate SQL queries via crafted input. Successful exploitation coul...

Synnefo Internet Management Software Cross-Site Scripting Vulnerability

Synnefo Internet Management Software IMS is a suite of network management software from Synnefo India. A cross-site scripting vulnerability exists in Synnefo IMS 2015 version of synnefoclient, which stems from the packagehistory/listusagesdata URI failing to adequately filter the 'planname '...

CVE-2015-8247

CVE-2015-8247 is a reflected Cross‑Site Scripting (XSS) vulnerability in Synnefo Internet Management Software (IMS) 2015 affecting the synnefoclient. The issue arises in the packagehistory/listusagesdata endpoint via the plan_name parameter, enabling remote attackers to inject arbitrary script/HT...