219 matches found
CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
GHSA-RM34-FG4M-39MW OpenSTAManager contains an arbitrary file upload vulnerability in its module update functionality
OpenSTAManager versions 2.10 and earlier contain an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
OpenSTAManager contains an arbitrary file upload vulnerability in its module update functionality
OpenSTAManager versions 2.10 and earlier contain an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
Arbitrary File Upload
Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to Arbitrary File Upload via the uploadmodules.php process. An attacker can upload arbitrary files by exploiting insufficient validation...
CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
OpenSTAManager 代码问题漏洞
OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager 2.10 and earlier had code-related vulnerabilities, which stemmed from arbitrary file upload vulnerabilities in the module update function...
EUVD-2026-27086
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
PT-2026-36895
Name of the Vulnerable Software and Affected Versions OpenSTAManager versions prior to 2.11 Description An arbitrary file upload issue exists in the module update functionality within the 'modules/aggiornamenti/upload modules.php' endpoint. Recommendations Update to a version later than 2.10...
CVE-2026-38751
CVE-2026-38751 affects OpenSTAManager versions prior to 2.11 (2.10 and earlier) and is an arbitrary file upload vulnerability in the module update endpoint (modules/aggiornamenti/upload_modules.php). The Red Hat/NVD/CVE records, along with PT-Security and CVE enrichment sources, confirm a vulnera...
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module. CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prima Nota module Overview | Field | Details | |---|---| | CVE ID | CVE-2026-24419 | | Severity | HIGH | | Advisory | View...
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Scadenzario Print Template. CVE-2025-69216: OpenSTAManager has a SQL Injection in Scadenzario Print Template Overview | Field | Details | |---|---| | CVE ID | CVE-2025-69216 | | Severity | HIGH | |...
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Scadenzario bulk operations module. CVE-2026-24418: OpenSTAManager has a SQL Injection vulnerability in the Scadenzario bulk operations module Overview | Field | Details | |---|---| | CVE ID |...
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Stampe module. CVE-2025-69215: OpenSTAManager has an SQL Injection in the Stampe Module Overview | Field | Details | |---|---| | CVE ID | CVE-2025-69215 | | Severity | HIGH | | Advisory | View Advisory...
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in ajaxcomplete.php. CVE-2025-69213: OpenSTAManager has a SQL Injection in ajaxcomplete.php getsedi endpoint Overview | Field | Details | |---|---| | CVE ID | CVE-2025-69213 | | Severity | HIGH | | Advisory |...
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in ajaxselect.php. CVE-2025-69214: OpenSTAManager has a SQL Injection in ajaxselect.php componenti endpoint Overview | Field | Details | |---|---| | CVE ID | CVE-2025-69214 | | Severity | HIGH | | Advisory |...
📄 OpenSTAManager 2.9.8 Cross Site Scripting
OpenSTAManager versions 2.9.8 and below suffer from a cross site scripting vulnerability in modificaiva.php via the righe parameter. CVE-2026-24415: OpenSTAManager Affected by XSS in modificaiva.php via righe parameter Overview | Field | Details | |---|---| | CVE ID | CVE-2026-24415 | | Severity ...
📄 OpenSTAManager 2.9.8 SQL Injection / Denial of Service
OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the search functionality that can lead to a denial of service condition. CVE-2026-24417: OpenSTAManager has a Time-Based Blind SQL Injection with Amplified Denial of Service Overview | Field |...
📄 OpenSTAManager 2.9.8 Command Injection
OpenSTAManager versions 2.9.8 and below suffer from a command injection vulnerability via the P7M file processing functionality. CVE-2025-69212: OpenSTAManager has an OS Command Injection in P7M File Processing Overview | Field | Details | |---|---| | CVE ID | CVE-2025-69212 | | Severity | CRITIC...