11 matches found
The vulnerability of the Production Environment module of the Netmake ScriptCase platform for developing web applications in PHP language allows a hacker to bypass the administrator password.
The vulnerability of the Production Environment module of the Netmake ScriptCase platform for developing web applications in PHP is related to errors in the representation of certain functions. Exploiting this vulnerability can allow a malicious actor to bypass the administrator’s password by...
CVE-2025-47228
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...
CVE-2025-47228
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...
CVE-2025-47228
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests...
CVE-2025-47228
CVE-2025-47228 affects Netmake ScriptCase, Production Environment extension, up to version 9.12.006(23). A shell injection flaw exists in the SSH connection settings that, when paired with authenticated access and crafted HTTP requests, allows an attacker to execute system commands on the server....
CVE-2025-47227
Netmake ScriptCase Production Environment extension (up to 9.12.006) contains a vulnerability in the administrator password reset mechanism. Specifically, GET and POST requests to login.php can bypass authentication, enabling an unauthenticated administrator account takeover. The CVSS=3.1 base sc...
PT-2025-28034
Name of the Vulnerable Software and Affected Versions Netmake ScriptCase versions prior to 9.12.006 23 Description The Production Environment extension contains a flaw in the administrator password reset mechanism. An unauthenticated remote attacker can bypass authentication and take over the...