CVE-2023-41638

An arbitrary file upload vulnerability in the Gestione Documentale module of GruppoSCAI RealGimm 1.1.37p38 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2023-41635

A XML External Entity XXE vulnerability in the VerifichePeriodiche.aspx component of GruppoSCAI RealGimm v1.1.37p38 allows attackers to read any file in the filesystem via supplying a crafted XML file...

GruppoSCAI RealGimm 安全漏洞

GruppoSCAI RealGimm is a management solution for large property and real estate assets from SCAI. A security vulnerability exists in GruppoSCAI RealGimm version 1.1.37p38, which stems from the presence of an XML External Entity XXE vulnerability that allows an attacker to read any file on the fil...

GruppoSCAI RealGimm SQL注入漏洞

GruppoSCAI RealGimm is a management solution for large property and real estate assets from SCAI. A security vulnerability exists in GruppoSCAI RealGimm version 1.1.37p38, which stems from the presence of a SQL injection vulnerability that allows an attacker to access the database and execute...

GruppoSCAI RealGimm 代码问题漏洞

GruppoSCAI RealGimm is a management solution for large property and real estate assets from SCAI. A security vulnerability exists in GruppoSCAI RealGimm version 1.1.37p38, which stems from the presence of an arbitrary file upload vulnerability that allows an attacker to execute arbitrary code by...

GruppoSCAI RealGimm 跨站脚本漏洞

GruppoSCAI RealGimm is a large-scale property and real estate asset management solution from SCAI. A security vulnerability exists in GruppoSCAI RealGimm version 1.1.37p38, which stems from the presence of multiple Reflective Cross-Site Scripting XSS vulnerabilities that could allow an attacker t...

GruppoSCAI RealGimm SQL注入漏洞

GruppoSCAI RealGimm is a management solution for large property and real estate assets from SCAI. A security vulnerability exists in GruppoSCAI RealGimm version 1.1.37p38, which stems from the presence of an improper error handling vulnerability that could allow an attacker to obtain sensitive...

PT-2023-28015 · Grupposcai · Realgimm

Name of the Vulnerable Software and Affected Versions: GruppoSCAI RealGimm version 1.1.37p38 Description: A SQL injection issue in the Data Richiesta dal parameter allows attackers to access the database and execute arbitrary commands via a crafted SQL query. Recommendations: For GruppoSCAI...

PT-2023-28019 · Grupposcai · Grupposcai Realgimm

Name of the Vulnerable Software and Affected Versions: GruppoSCAI RealGimm version 1.1.37p38 Description: Multiple reflected cross-site scripting XSS vulnerabilities in the ErroreNonGestito.aspx component allow attackers to execute arbitrary Javascript in the context of a victim user's browser vi...