Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:57 a.m.5 views

CVE-2020-12743

An issue was discovered in Gazie 7.32. A successful installation does not remove or block or in any other way prevent use of its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hiddenreq POST paramet...

9.8CVSS7.1AI score0.00404EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-5031

Malware in sbrugna...

9.8CVSS9.2AI score0.00404EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2012-1246

Malware in sbrugna...

6.8CVSS6.4AI score0.00181EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-14499

Malware in sbrugna...

6.1CVSS6.3AI score0.0045EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/22 4:1 p.m.6 views

CVE-2020-21731

Gazie 7.29 is affected by: Cross Site Scripting XSS via http://192.168.100.7/gazie/modules/config/adminutente.php?username=amministratore&Update.; An attacker can inject JavaScript code, and the webapplication stores the injected code...

6.1CVSS6.1AI score0.0045EPSS
Exploits0
CNVD
CNVDadded 2020/09/16 12:0 a.m.1 views

Gazie Cross-Site Scripting Vulnerability

Gazie is a financial application based on PHP and MySQL. The program supports features such as invoice management, inventory management and order management. A cross-site scripting vulnerability exists in Gazie version 7.29, which originates from an improper validation of client-side data by...

6.1CVSS6.4AI score0.0045EPSS
Exploits0References1
NVD
NVDadded 2020/09/14 12:15 p.m.7 views

CVE-2020-21731

Gazie 7.29 is affected by: Cross Site Scripting XSS via http://192.168.100.7/gazie/modules/config/adminutente.php?username=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code...

6.1CVSS0.0045EPSS
Exploits0References3
OSV
OSVadded 2020/09/14 12:15 p.m.1 views

CVE-2020-21731

Gazie 7.29 is affected by: Cross Site Scripting XSS via http://192.168.100.7/gazie/modules/config/adminutente.php?username=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code...

6.1CVSS6.4AI score0.0045EPSS
Exploits0References3
Prion
Prionadded 2020/09/14 12:15 p.m.13 views

Cross site scripting

Gazie 7.29 is affected by: Cross Site Scripting XSS via http://192.168.100.7/gazie/modules/config/adminutente.php?username=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code...

4.3CVSS6AI score0.0045EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2020/09/14 11:45 a.m.33 views

CVE-2020-21731

Gazie 7.29 is affected by a stored Cross-Site Scripting (XSS) vulnerability. The issue occurs in the web app via the admin_utente.php?user_name=amministratore&Update parameter, where injected JavaScript code can be stored and later executed by users. This is a general XSS flaw described across mu...

6.1CVSS6AI score0.0045EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2020/09/14 11:45 a.m.10 views

CVE-2020-21731

Gazie 7.29 is affected by: Cross Site Scripting XSS via http://192.168.100.7/gazie/modules/config/adminutente.php?username=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code...

6.1AI score0.0045EPSS
Exploits0References3
CNVD
CNVDadded 2020/05/12 12:0 a.m.2 views

Gazie File Inclusion Vulnerability

Gazie is a financial application based on PHP and MySQL. The program supports features such as invoice management, inventory management and order management. A security vulnerability exists in Gazie version 7.32. An attacker can exploit the vulnerability to include arbitrary PHP files with the he...

9.8CVSS7AI score0.00404EPSS
Exploits0References1
NVD
NVDadded 2020/05/11 1:15 p.m.7 views

CVE-2020-12743

An issue was discovered in Gazie 7.32. A successful installation does not remove or block or in any other way prevent use of its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hiddenreq POST paramet...

9.8CVSS9.4AI score0.00404EPSS
Exploits0References1
OSV
OSVadded 2020/05/11 1:15 p.m.0 views

CVE-2020-12743

An issue was discovered in Gazie 7.32. A successful installation does not remove or block or in any other way prevent use of its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hiddenreq POST paramet...

9.8CVSS7.5AI score
Exploits0References1
Prion
Prionadded 2020/05/11 1:15 p.m.14 views

Authentication flaw

An issue was discovered in Gazie 7.32. A successful installation does not remove or block or in any other way prevent use of its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hiddenreq POST paramet...

7.5CVSS9.3AI score0.00404EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2020/05/11 12:32 p.m.31 views

CVE-2020-12743

Gazie 7.32 contains an unauthenticated PHP file inclusion vulnerability in /setup/install/setup.php, which remains accessible after setup and can be requested via a hidden_req POST parameter. The issue enables arbitrary PHP file inclusion and is described with high impact (NVD CVSSv3.1: CRITICAL,...

9.8CVSS9.3AI score0.00404EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/05/11 12:32 p.m.10 views

CVE-2020-12743

An issue was discovered in Gazie 7.32. A successful installation does not remove or block or in any other way prevent use of its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hiddenreq POST paramet...

9.4AI score0.00404EPSS
Exploits0References1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.13 views

GAzie 5.10 (Login parameter) Multiple Vulnerabilities

No description provided by source. GAzie 5.10 Login parameter Multiple Remote Vulnerabilities Vendor: Antonio de Vincentiis Product web page: http://www.devincentiis.it, http://gazie.sourceforge.net Affected version: 5.10 Summary: GAzie is a multi-company management program ERP that runs on Apach...

7.1AI score
Exploits0
NVD
NVDadded 2012/02/21 1:31 p.m.7 views

CVE-2012-1220

Cross-site request forgery CSRF vulnerability in modules/config/adminutente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated by changing the password...

6.8CVSS6.9AI score0.00181EPSS
Exploits1References3
Prion
Prionadded 2012/02/21 1:31 p.m.8 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in modules/config/adminutente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated by changing the password...

6.8CVSS7.5AI score0.00181EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder