Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.5 views

CVE-2021-27950

A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA...

8.8CVSS8.4AI score0.01676EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.6 views

CVE-2021-28901

Multiple cross-site scripting XSS vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the 1 NOMCLI , 2 ADRESSE , 3 ADRESSE2, 4 LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the 5 nomlis...

5.4CVSS6AI score0.00808EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-15554

Malware in sbrugna...

5.4CVSS5.6AI score0.00808EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14668

Malware in sbrugna...

8.8CVSS8.7AI score0.01676EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in sita-tea (npm)

The package sita-tea was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-33329 Malicious code in sita-tea (npm)

The package sita-tea was found to contain malicious code...

7.2AI score
Exploits0
NVD
NVD
added 2021/09/15 6:15 p.m.23 views

CVE-2021-28901

Multiple cross-site scripting XSS vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the 1 NOMCLI , 2 ADRESSE , 3 ADRESSE2, 4 LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the 5 nomlis...

5.4CVSS0.00808EPSS
Exploits1References1
Prion
Prion
added 2021/09/15 6:15 p.m.9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the 1 NOMCLI , 2 ADRESSE , 3 ADRESSE2, 4 LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the 5 nomlis...

3.5CVSS5.4AI score0.00808EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/09/15 5:50 p.m.22 views

CVE-2021-28901

Multiple cross-site scripting XSS vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the 1 NOMCLI , 2 ADRESSE , 3 ADRESSE2, 4 LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the 5 nomlis...

5.6AI score0.00808EPSS
Exploits1References1
CVE
CVE
added 2021/09/15 5:50 p.m.38 views

CVE-2021-28901

SITA Software Azur CMS (variant: 1.2.3.1 and earlier) exposes multiple cross-site scripting (XSS) vulnerabilities. The issue stems from insufficient validation/filtering of input parameters, allowing remote attackers to inject arbitrary script/HTML via: NOM_CLI, ADRESSE, ADRESSE2, LOCALITE to /es...

5.4CVSS5.4AI score0.00808EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/15 12:0 a.m.4 views

SITA Software Azur CMS 跨站脚本漏洞

SITA Software Azur CMS is a web CMS. A cross-site scripting vulnerability exists in SITA Software Azur CMS 1.2.3.1 and prior versions, which stems from the software's lack of effective validation and filtering of parameters. This allows a remote attacker to pass 1 NOMCLI, 2 ADRESSE, 3 ADRESSE2, 4...

5.4CVSS5.5AI score0.00808EPSS
Exploits1References2
CNVD
CNVD
added 2021/07/06 12:0 a.m.8 views

Sita AzurCMS SQL Injection Vulnerability

Sita AzurCMS is a telecommuting solution from Sita Luxembourg. for telecommuting, clustered storage and virtualization. Sita AzurCMS suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in azurWebEngine in Sita AzurCMS in 1.2.3.12. An attacker can exploit...

8.8CVSS8.3AI score0.01676EPSS
Exploits1References1
NVD
NVD
added 2021/07/02 3:15 p.m.10 views

CVE-2021-27950

A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA...

8.8CVSS0.01676EPSS
Exploits1References4
Prion
Prion
added 2021/07/02 3:15 p.m.14 views

Sql injection

A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA...

6.5CVSS9AI score0.01676EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2021/07/02 2:26 p.m.43 views

CVE-2021-27950

CVE-2021-27950 affects Sita AzurCMS (AzurWebEngine/eShop)

8.8CVSS8.9AI score0.01676EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2021/07/02 2:26 p.m.13 views

CVE-2021-27950

A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA...

9.2AI score0.01676EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.3 views

Sita AzurCMS SQL注入漏洞

Sita AzurCMS is a telecommuting solution from Sita Luxembourg. for telecommuting, clustered storage and virtualization. Sita AzurCMS suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in azurWebEngine in Sita AzurCMS in 1.2.3.12. An attacker can exploit...

8.8CVSS6.4AI score0.01676EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2021/06/14 6:59 a.m.78 views

Chinese Hackers Believed to be Behind Second Cyberattack on Air India

Even as a massive data breach affecting Air India came to light the previous month, India's flag carrier airline appears to have suffered a separate cyber assault that lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/11 2:23 p.m.58 views

Monumental Supply-Chain Attack on Airlines Traced to State Actor

A monster cyberattack on SITA, a global IT provider for 90 percent of the world’s airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history. The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentiall...

0.7AI score
Exploits0References9
The Hacker News
The Hacker News
added 2021/05/22 4:57 a.m.94 views

Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers

India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System PSS provider SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered...

1.6AI score
Exploits0
Rows per page
Query Builder