EUVD-2019-1742

Malware in sbrugna...

CVE-2019-1000023

OPT/NET BV OPTOSS Next Gen Network Management System NG-NetMS version v3.6-2 and earlier versions contains a SQL Injection vulnerability in Identified vulnerable parameters: id, idaccesstype and idattraccess that can result in a malicious attacker can include own SQL commands which database will...

CVE-2019-1000023

OPT/NET BV OPTOSS Next Gen Network Management System NG-NetMS version v3.6-2 and earlier versions contains a SQL Injection vulnerability in Identified vulnerable parameters: id, idaccesstype and idattraccess that can result in a malicious attacker can include own SQL commands which database will...

Cross site scripting

OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting XSS vulnerability in /js/libs/jstree/demo/filebrowser/index.php page. The "id" and "operation" GET parameters can be used to inject arbitrary JavaScript which is returned in the page's response that can result...

CVE-2019-1000023

CVE-2019-1000023 affects OPTOSS Next Gen Network Management System (NG-NetMS) v3.6-2 and earlier. The issue is a SQL Injection in vulnerable parameters id, id_access_type, and id_attr_access, allowing an attacker to inject and execute arbitrary SQL commands on the database. Exploitation is possib...

CVE-2019-1000024

OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting XSS vulnerability in /js/libs/jstree/demo/filebrowser/index.php page. The "id" and "operation" GET parameters can be used to inject arbitrary JavaScript which is returned in the page's response that can result...

CVE-2019-1000023

OPT/NET BV OPTOSS Next Gen Network Management System NG-NetMS version v3.6-2 and earlier versions contains a SQL Injection vulnerability in Identified vulnerable parameters: id, idaccesstype and idattraccess that can result in a malicious attacker can include own SQL commands which database will...