12 matches found
CVE-2021-37363
An Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level privileges nt authority\system due to the...
Gestionale Open 12.00.00 - (DB_GO_80) Unquoted Service Path Vulnerability
Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10...
Gestionale Open 12.00.00 Unquoted Service Path
Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Pat...
Gestionale Open 12.00.00 - 'DB_GO_80' Unquoted Service Path
Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Pat...
CVE-2021-37363
An Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level privileges nt authority\system due to the...
Path traversal
An Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level privileges nt authority\system due to the...
CVE-2021-37363
An Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level privileges nt authority\system due to the...
CVE-2021-37363
CVE-2021-37363 affects Gestionale Open 11.00.00. The vulnerability is described as an insecure permissions issue where a low-privilege account can rename the mysqld.exe in the bin folder and replace it with a malicious file that can connect back to an attacker, gaining system-level privileges bec...
Gestionale Open Srl Gestionale Open 安全漏洞
Gestionale Open Srl Gestionale Open Go is an open source free Erp management software for small and medium-sized businesses from the Italian company Gestionale Open Srl. A security vulnerability exists in Gestionale Open that stems from the ability of a low-privileged account to rename the...
Gestionale Open 11.00.00 - Local Privilege Escalation
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
Gestionale Open 11.00.00 Privilege Escalation
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
Gestionale Open 11.00.00 - Local Privilege Escalation Vulnerability
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...