42 matches found
CVE-2024-50715
An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via command injection through a vulnerable unsanitized parameter defined in the /youtubeInfo.php component...
CVE-2024-50714
A Server-Side Request Forgery SSRF in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via a crafted script to the /FB/getFbVideoSource.php component...
CVE-2024-50716
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component...
CVE-2024-50717
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component...
Smarts Smart Agent interface.php Page SQL Injection Vulnerability
Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...
CVE-2024-50714
A Server-Side Request Forgery SSRF in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via a crafted script to the /FB/getFbVideoSource.php component...
CVE-2024-50717
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component...
CVE-2024-50716
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component...
CVE-2024-50717
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component...
CVE-2024-50716
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component...
CVE-2024-50715
An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via command injection through a vulnerable unsanitized parameter defined in the /youtubeInfo.php component...
CVE-2024-50715
An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via command injection through a vulnerable unsanitized parameter defined in the /youtubeInfo.php component...
CVE-2024-50714
A Server-Side Request Forgery SSRF in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via a crafted script to the /FB/getFbVideoSource.php component...
CVE-2024-50716
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component...
CVE-2024-50714
A Server-Side Request Forgery SSRF in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via a crafted script to the /FB/getFbVideoSource.php component...
CVE-2024-50717
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component...
Smarts Smart Agent 安全漏洞
Smarts Smart Agent is a powerful, flexible and extensible tool from Smarts, Inc. for monitoring wireless network performance and services from an end-user perspective. A security vulnerability exists in Smarts Smart Agent version v1.1.0, which stems from an arbitrary code execution vulnerability...
Smarts Smart Agent 安全漏洞
Smarts Smart Agent is a powerful, flexible and extensible tool from Smarts for monitoring wireless network performance and services from the end user's perspective. A security vulnerability exists in Smarts Smart Agent version v1.1.0, which stems from the /FB/getFbVideoSource.php page containing ...
CVE-2024-50716
Summary (CVE-2024-50716) : A SQL injection flaw in Smart Agent v1.1.0 allows a remote attacker to execute arbitrary code via the id parameter on the /sendPushManually.php endpoint. This is described across multiple sources (NVD, Red Hat, CVE databases) as an arbitrary code execution vulnerability...
PT-2024-34397 · Unknown · Smart Agent
Name of the Vulnerable Software and Affected Versions: Smart Agent version 1.1.0 Description: A Server-Side Request Forgery SSRF issue allows a remote attacker to obtain sensitive information via a crafted script to the "/FB/getFbVideoSource.php" component. This enables the attacker to access...