3 matches found
CVE-2025-8259 Vaelsys VaelsysV4 Web interface vgrid_server.php execute_DataObjectProc os command injection
A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function executeDataObjectProc of the file /grid/vgridserver.php of the component Web interface. Such manipulation of the argument xajaxargs leads to os command injection. The attack can be execut...
CVE-2025-8259
CVE-2025-8259 affects Vaelsys 4.1.0. The vulnerability is an OS command injection in the function execute_DataObjectProc of the file /grid/vgrid_server.php, caused by manipulation of the xajaxargs argument. It can be triggered remotely, and public exploits have been disclosed; vendor responses ar...
CVE-2025-8259 Vaelsys VaelsysV4 Web interface vgrid_server.php execute_DataObjectProc os command injection
A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function executeDataObjectProc of the file /grid/vgridserver.php of the component Web interface. Such manipulation of the argument xajaxargs leads to os command injection. The attack can be execut...