CVE-2026-3120

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue affects SambaBox: from 5.1 before 5.3...

CVE-2025-2488

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS.This issue affects SambaBox: before 5.1...

CVE-2025-2488

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS. This issue affects SambaBox: before 5.1...

CVE-2022-25620

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

CVE-2022-25619

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...