CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

CVE-2026-3120

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue affects SambaBox: from 5.1 before 5.3...

7.2CVSS5.5AI score0.00068EPSS

Exploits0References1

EUVD•added 2026/05/04 11:53 a.m.•1 views

EUVD-2026-26945

7.2CVSS5.8AI score0.00068EPSS

Exploits0References1

CVE•added 2026/05/04 11:53 a.m.•6 views

CVE-2026-3120

Affected product: SambaBox (Profelis Information and Consulting) – versions 5.1 up to 5.3 (exclusive). Issue: Improper control of code generation leading to OS command injection. This is a network-vector vulnerability with no user interaction, potentially enabling remote command execution; CVSSv3...

7.2CVSS5.8AI score0.00068EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-30279

Malicious code in bioql PyPI...

6.7CVSS6.7AI score0.00144EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-13111

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00376EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-13110

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00167EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-30280

Malicious code in bioql PyPI...

9CVSS9AI score0.00536EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:32 a.m.•3 views

CVE-2024-7015

Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse. This issue affects PassBox: before v1.2...

9.8CVSS5.8AI score0.00148EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:25 a.m.•7 views

CVE-2022-25619

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

6.7CVSS7.1AI score0.00144EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:25 a.m.•4 views

CVE-2022-25620

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

9CVSS7.3AI score0.00536EPSS

Exploits0References1

RedhatCVE•added 2025/05/04 12:10 p.m.•17 views

CVE-2025-2421

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection.This issue affects SambaBox: before 5.1...

9.8CVSS7.1AI score0.00376EPSS

Exploits0References1

RedhatCVE•added 2025/05/04 12:10 p.m.•14 views

CVE-2025-2488

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS.This issue affects SambaBox: before 5.1...

6.1CVSS6.5AI score0.00167EPSS

Exploits0References1

NVD•added 2025/05/02 12:15 p.m.•9 views

CVE-2025-2488

6.1CVSS0.00167EPSS

Exploits0References3

NVD•added 2025/05/02 12:15 p.m.•12 views

CVE-2025-2421

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS0.00376EPSS

Exploits0References3

ATTACKERKB•added 2025/05/02 12:15 p.m.•1 views

CVE-2025-2421

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS5.4AI score0.00376EPSS

Exploits0References4

Cvelist•added 2025/05/02 11:30 a.m.•8 views

CVE-2025-2488 XSS in Profelis Informatics' SambaBox

6.1CVSS0.00167EPSS

Exploits0References3

Vulnrichment•added 2025/05/02 11:30 a.m.•3 views

CVE-2025-2488 XSS in Profelis Informatics' SambaBox

6.1CVSS5.4AI score0.00167EPSS

Exploits0References3

CVE•added 2025/05/02 11:30 a.m.•55 views

CVE-2025-2488

CVE-2025-2488 affects SambaBox by Profelis Informatics. The vulnerability is an XSS due to improper neutralization of input during web page generation, impacting SambaBox versions before 5.1. Technical details across connected sources confirm the affected component (web page generation), root cau...

6.1CVSS5.4AI score0.00167EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/05/02 11:27 a.m.•6 views

CVE-2025-2421 Remote Code Execution in Profelis Informatics' SambaBox

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS5.5AI score0.00376EPSS

Exploits0References3

Cvelist•added 2025/05/02 11:27 a.m.•15 views

CVE-2025-2421 Remote Code Execution in Profelis Informatics' SambaBox

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS0.00376EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by