Cartadis Gespage 8.2.1 - Directory Traversal

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData. id: CVE-2021-33807 info: name: Cartadis Gespage 8.2.1 - Directory Traversal author: daffainfo severity: high description: Cartadis Gespage through 8.2.1 allows Directory Traversa...

CVE-2021-33807

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData...

EUVD-2018-20746

Malware in sbrugna...

EUVD-2017-16968

Malware in sbrugna...

CVE-2021-33807

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData...

CVE-2021-33807

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData...

Directory traversal

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData...

CVE-2021-33807

Cartadis Gespage 8.2.1 contains a Directory Traversal vulnerability. Affected component paths: gespage/doDownloadData and gespage/webapp/doDownloadData allow an attacker to access sensitive files, enabling potential data leakage. Root cause is a directory traversal flaw within Gespage 8.2.1. Impa...

CVE-2021-33807

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData...

Cartadis Gespage 路径遍历漏洞

cartadis Cartadis Gespage is an application from cartadis Inc. a print management software that includes features such as print accounting, printer monitoring, user management, payments, quotas, and redirection rules for complete management of copies and prints. A path traversal vulnerability...

Cross site scripting

Cross-site scripting XSS vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/userreg.jsp...

CVE-2018-9147

Cross-site scripting XSS vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/userreg.jsp...

CVE-2018-9147

Cross-site scripting XSS vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/userreg.jsp...

CVE-2018-9147

Cross-site scripting XSS vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/userreg.jsp...

CVE-2018-9147

Cross-site scripting XSS vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/userreg.jsp...

CVE-2018-9147

Gespage software, version 7.5.7, is affected by a cross-site scripting (XSS) vulnerability. The issue allows a remote attacker to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/user_reg.jsp. The available sources describe the vulnerability but d...

CVE-2017-7998

Multiple cross-site scripting XSS vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the 1 printer name when adding a printer in the admin panel or 2 username parameter to webapp/users/userreg.jsp...

CVE-2017-7998

Multiple cross-site scripting XSS vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the 1 printer name when adding a printer in the admin panel or 2 username parameter to webapp/users/userreg.jsp...

CVE-2017-7997

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the 1 showprn parameter to webapp/users/prnow.jsp or showmonth parameter to 2 webapp/users/blhistory.jsp or 3 webapp/users/prhistory.jsp...

CVE-2017-7997

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the 1 showprn parameter to webapp/users/prnow.jsp or showmonth parameter to 2 webapp/users/blhistory.jsp or 3 webapp/users/prhistory.jsp...