4 matches found
CVE-2026-2952
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2952
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2952 Vaelsys HTTP POST Request tree_server.php os command injection
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...
PT-2026-21451
Name of the Vulnerable Software and Affected Versions Vaelsys version 4.1.0 Description A flaw exists in Vaelsys 4.1.0 related to the HTTP POST Request Handler component. Specifically, manipulation of the xajaxargs argument within a request to the file '/tree/tree server.php' can lead to operatin...