Lucene search
K

31 matches found

Nuclei
Nuclei
added yesterday36 views

Tyto Sahi pro 7.x/8.x - Local File Inclusion

Tyto Sahi Pro versions through 7.x.x and 8.0.0 are susceptible to a local file inclusion vulnerability in the web reports module which can allow an outside attacker to view contents of sensitive files. id: CVE-2018-20470 info: name: Tyto Sahi pro 7.x/8.x - Local File Inclusion author: daffainfo...

7.5CVSS7AI score0.45055EPSS
Exploits6References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-6174

Malware in sbrugna...

9.8CVSS9.5AI score0.03852EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-13022

Malware in sbrugna...

8.8CVSS8.8AI score0.02223EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-13026

Malware in sbrugna...

5.4CVSS5.5AI score0.02082EPSS
Exploits5References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.8 views

CVE-2019-15102

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunnerNondistributed and distributed end points does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intende...

9.8CVSS8.4AI score0.03852EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2023/12/28 12:0 a.m.4 views

VulnCheck KEV: CVE-2018-20470

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal arbitrary file access vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files...

7.5CVSS7.1AI score0.45055EPSS
Exploits6References1
OSV
OSV
added 2019/09/06 5:15 p.m.7 views

CVE-2019-15102

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunnerNondistributed and distributed end points does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intende...

9.8CVSS8AI score0.03852EPSS
Exploits1References1
Prion
Prion
added 2019/09/06 5:15 p.m.17 views

Design/Logic Flaw

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunnerNondistributed and distributed end points does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intende...

7.5CVSS9.9AI score0.03852EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/09/06 4:15 p.m.21 views

CVE-2019-15102

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunnerNondistributed and distributed end points does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intende...

10AI score0.03852EPSS
Exploits1References1
CVE
CVE
added 2019/09/06 4:15 p.m.49 views

CVE-2019-15102

Tyto Sahi Pro 6.x–8.0.0 suffers a remote code execution vulnerability due to two issues: (1) TestRunner_Non_distributed and distributed endpoints expose no authentication, allowing arbitrary script execution on the remote server, and (2) a password-protected web interface for script access lacks ...

9.8CVSS9.9AI score0.03852EPSS
Exploits1References1Affected Software1
0day.today
0day.today
added 2019/06/18 12:0 a.m.209 views

Sahi pro 8.x - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS 0day.today 2019-06-18...

0.4AI score0.18539EPSS
Exploits5
NVD
NVD
added 2019/06/17 2:15 p.m.16 views

CVE-2018-20469

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions...

9.8CVSS9.8AI score0.18539EPSS
Exploits5References2
OSV
OSV
added 2019/06/17 2:15 p.m.5 views

CVE-2018-20469

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions...

9.8CVSS5.8AI score0.18539EPSS
Exploits5References2
OSV
OSV
added 2019/06/17 2:15 p.m.7 views

CVE-2018-20470

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal arbitrary file access vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files...

7.5CVSS5.8AI score0.45055EPSS
Exploits6References2
NVD
NVD
added 2019/06/17 2:15 p.m.21 views

CVE-2018-20472

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS...

5.4CVSS5.4AI score0.02082EPSS
Exploits5References2
OSV
OSV
added 2019/06/17 2:15 p.m.6 views

CVE-2018-20472

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS...

5.4CVSS5.8AI score0.02082EPSS
Exploits5References2
OSV
OSV
added 2019/06/17 2:15 p.m.6 views

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

8.8CVSS5.9AI score0.02223EPSS
Exploits1References1
NVD
NVD
added 2019/06/17 2:15 p.m.16 views

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

8.8CVSS9AI score0.02223EPSS
Exploits1References1
Prion
Prion
added 2019/06/17 2:15 p.m.12 views

Code injection

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

6.8CVSS9AI score0.02223EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/06/17 2:15 p.m.14 views

Cross site scripting

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS...

3.5CVSS5.4AI score0.02082EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder