17 matches found
CVE-2023-6275
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input "...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
CVE-2023-6275
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
Cross site scripting
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275 TOTVS Fluig Platform mobileredir openApp.jsp cross site scripting
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275
TOTVS Fluig Platform (versions 1.6.x–1.8.1) is affected by a Cross-Site Scripting in the mobileredir/openApp.jsp component. The vulnerability arises from manipulating the redirectUrl/user parameters, e.g. redirectUrl/user with payloads like >, enabling reflected XSS. The issue may be exploited...
CVE-2023-6275 TOTVS Fluig Platform mobileredir openApp.jsp cross site scripting
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
TOTVS Fluig Cross-Site Scripting Vulnerability
TOTVS Fluig is an application from TOTVS Portugal. It is used to automate ERP tasks. A cross-site scripting vulnerability exists in TOTVS Fluig Platform, which stems from the parameter redirectUrl/user in the file /mobileredir/openApp.jsp can lead to a cross-site scripting vulnerability...
TOTVS Fluig Platform Directory Traversal (CVE-2020-29134)
A directory traversal vulnerability exists in TOTVS Fluig Platform. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
Path traversal
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
CVE-2020-29134
CVE-2020-29134 (Totvs Fluig platform) affects Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4, via a base64-encoded directory traversal in the parameter file. Root cause: path traversal enabling access to filesystem and sensitive files. Impact (as described): reading of sensitive XML files that may...
Totvs TOTVS Fluig 路径遍历漏洞
Totvs TOTVS Fluig is an application from the Portuguese company Totvs. It is used to automate ERP tasks. A path traversal vulnerability exists in TOTVS Fluig Luke 1.7.0 that allows directory traversal via base64 encoded files...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter “file = .. /” encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4 Recent assessments: lucxssouza at March 24, 2021 6:54pm UTC reported: Assessed Attacker Value: 5 Assessed Attacker Value:...
Exploit for Path Traversal in Totvs Fluig
Totvs Fluig Platform Fluig is the productivity and...