20 matches found
CVE-2025-56699
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender parameter...
EUVD-2025-34799
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender parameter...
CVE-2025-56699
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender parameter...
CVE-2025-56699
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender parameter...
CVE-2025-56699
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender parameter...
CVE-2025-56699
The CVE-2025-56699 issue affects Centrax Open PSIM v6.1 (Base Digitale Group spa) in the cmd component, where the sender parameter is not properly validated, enabling an unauthenticated attacker to execute arbitrary SQL commands. This is a SQL injection vulnerability with a CVSS 3.1 base score of...
EUVD-2005-1407
Malware in sbrugna...
Tcman Gim SQL注入漏洞
Tcman Gim is a facility management software from the Spanish company Tcman designed for use on mobile devices. A SQL injection vulnerability exists in Tcman Gim version v11, which stems from an SQL injection in the createNotificationAndroid endpoint Sender and email parameters...
CVE-2023-44855
Cross Site Scripting XSS vulnerability in Cobham SAILOR VSAT Ku v.164B019 allows a remote attacker to execute arbitrary code via a crafted script to the rdiag, sender, and recipients parameters of the sub219C4 function in the acuweb file...
CVE-2023-44856
Cross Site Scripting XSS vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub21D24 function in the acuweb file...
CVE-2023-44855
Cross Site Scripting XSS vulnerability in Cobham SAILOR VSAT Ku v.164B019 allows a remote attacker to execute arbitrary code via a crafted script to the rdiag, sender, and recipients parameters of the sub219C4 function in the acuweb file...
CVE-2023-44855
CVE-2023-44855 affects Cobham SAILOR VSAT Ku v.164B019. The vulnerability is a Cross Site Scripting (XSS) flaw in the acu_web file, exploitable via a crafted script in the rdiag, sender, and recipients parameters of the sub_219C4 function. This allows a remote attacker to execute arbitrary code i...
CVE-2020-35753
The job posting recommendation form in Persis Human Resource Management Portal Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20, when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter...
CVE-2020-35753
The job posting recommendation form in Persis Human Resource Management Portal Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20, when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter...
Cross site scripting
The job posting recommendation form in Persis Human Resource Management Portal Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20, when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter...
Persis Human Resource Management Portal Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Persis Human Resource Management Portal that originates in the SENDER parameter...
CVE-2020-35753
The CVE-2020-35753 issue affects Persis Human Resource Management Portal: versions 17.2.00–17.2.35 and 19.0.00–19.0.20, where the job posting recommendation form allows XSS via the SENDER parameter when the “Recommend job posting” function is enabled. The vulnerability is described as an XSS in t...
CVE-2007-0610
Cross-site scripting XSS vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote attackers to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote attackers to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-0610
Cross-site scripting XSS vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote attackers to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...