5 matches found
CVE-2023-37777
A SQL injection vulnerability exists in Synnefo Internet Management Software IMS version 2023 and earlier. This vulnerability occurs due to improper input validation in a specific API endpoint parameter allowing an attacker to manipulate SQL queries via crafted input. Successful exploitation coul...
PT-2025-1435 · Unknown · Synnefo Internet Management
Name of the Vulnerable Software and Affected Versions: Synnefo Internet Management Software versions 2023 and earlier Description: A SQL injection issue exists due to improper input validation in a specific API endpoint parameter, allowing an attacker to manipulate SQL queries via crafted input...
CVE-2023-37777
A SQL injection vulnerability exists in Synnefo Internet Management Software IMS version 2023 and earlier. This vulnerability occurs due to improper input validation in a specific API endpoint parameter allowing an attacker to manipulate SQL queries via crafted input. Successful exploitation coul...
Synnefo Internet Management Software Cross-Site Scripting Vulnerability
Synnefo Internet Management Software IMS is a suite of network management software from Synnefo India. A cross-site scripting vulnerability exists in Synnefo IMS 2015 version of synnefoclient, which stems from the packagehistory/listusagesdata URI failing to adequately filter the 'planname '...
CVE-2015-8247
CVE-2015-8247 is a reflected Cross‑Site Scripting (XSS) vulnerability in Synnefo Internet Management Software (IMS) 2015 affecting the synnefoclient. The issue arises in the packagehistory/listusagesdata endpoint via the plan_name parameter, enabling remote attackers to inject arbitrary script/HT...