7 matches found
CVE-2025-28076
Multiple SQL injection vulnerabilities in EasyVirt DCScope = 8.6.4 and CO2Scope = 1.3.4 allows remote authenticated attackers to execute arbitrary SQL commands via the 1 timeago, 2 user, 3 filter, 4 target, 5 p1, 6 p2, 7 p3, 8 p4, 9 p5, 10 p6, 11 p7, 12 p8, 13 p9, 14 p10, 15 p11, 16 p12, 17 p13, ...
CVE-2025-28076
CVE-2025-28076 describes multiple SQL injection vulnerabilities in EasyVirt DCScope prior to or at 8.6.4 and EasyVirt CO2Scope prior to or at 1.3.4. The root cause is unsafely handled user-supplied parameters across API endpoints, allowing remote authenticated attackers to execute arbitrary SQL c...
PT-2025-17907 · Easyvirt · Easyvirt Co2Scope +1
Name of the Vulnerable Software and Affected Versions: EasyVirt DCScope versions 8.6.4 and earlier EasyVirt CO2Scope versions 1.3.4 and earlier Description: The issue allows remote authenticated attackers to execute arbitrary SQL commands. This can be achieved via various parameters to specific A...
CVE-2024-53357
Multiple SQL injection vulnerabilities in EasyVirt DCScope = 8.6.0 and CO2Scope = 1.3.0 allows remote authenticated attackers, with low privileges, to 1 add an admin user via the /api/user/addalias route; 2 modifiy a user via the /api/user/updatealiasroute; 4 delete users via the /api/user/delali...
PT-2025-3092 · Easyvirt · Easyvirt Dcscope +1
Name of the Vulnerable Software and Affected Versions: EasyVirt DCScope versions 8.6.0 and earlier EasyVirt CO2Scope versions 1.3.0 and earlier Description: The issue allows remote unauthenticated attackers to execute arbitrary code. This can be done through the /api/license/sendlicense/ API...
PT-2025-2959 · Easyvirt · Easyvirt Dcscope +1
Name of the Vulnerable Software and Affected Versions: EasyVirt DCScope versions 8.6.0 and earlier EasyVirt CO2Scope versions 1.3.0 and earlier Description: The issue allows remote authenticated attackers with low privileges to perform various unauthorized actions. This includes adding an admin...
PT-2025-3478 · Easyvirt · Easyvirt Dcscope +1
Name of the Vulnerable Software and Affected Versions: EasyVirt DCScope versions 8.6.0 and earlier EasyVirt CO2Scope versions 1.3.0 and earlier Description: The issue allows remote unauthenticated attackers to execute arbitrary SQL commands. This can be achieved via the username or password...