18 matches found
EUVD-2017-11112
Malware in sbrugna...
EUVD-2017-11111
Malware in sbrugna...
CVE-2017-20105
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The...
CVE-2017-20104
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2017-20105
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The...
CVE-2017-20105
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The...
CVE-2017-20104
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2017-20104
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
Path traversal
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The...
Sql injection
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2017-20105 Simplessus path traversal
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The...
CVE-2017-20105
The CVE refers to Simplessus 3.7.7 with a path-traversal vulnerability triggered by the input sequence of multiple ../ to access etc/passwd. The underlying issue is in the handling of the argument path, allowing remote exploitation. Upgrade to version 3.8.3 is recommended and cited as addressing ...
CVE-2017-20104
CVE-2017-20104 affects Simplessus 3.7.7. The vulnerability is a SQL injection in the Cookie Handler component triggered by manipulating the UWA_SID parameter. It can be exploited remotely and has been publicly disclosed. Upgrading to version 3.8.3 is the stated remediation. If present, CVSS detai...
CVE-2017-20104 Simplessus Cookie Time sql injection
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
Simplessus SQL注入漏洞
Simplessus is a modern software for managing customer relationships from the German company Simplessus. A SQL injection vulnerability exists in Simplessus version 3.7.7. An attacker could exploit this vulnerability to conduct a sql injection attack via the UWASID parameter...
Simplessus 路径遍历漏洞
Simplessus is a modern software for managing customer relationships from the German company Simplessus. A security vulnerability exists in Simplessus version 3.7.7 that stems from a path traversal vulnerability in Simplessus...
Simplessus Files 3.7.7 SQL Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2017-001 Product: Simplessus Files Manufacturer: Simplessus Affected Versions: 3.7.7 Tested Versions: 3.7.7 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Open Manufacturer Notification: January 25, 2017...
Simplessus Files 3.7.7 Path Traversal
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2017-004 Product: Simplessus Files Manufacturer: Simplessus Affected Versions: 3.7.7 Tested Versions: 3.7.7 Vulnerability Type: Path Traversal CWE-22 Risk Level: High Solution Status: Fixed Manufacturer Notification: January 25, 20...