17 matches found
CVE-2023-6275
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input "...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
CVE-2023-6275
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
Cross site scripting
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275 TOTVS Fluig Platform mobileredir openApp.jsp cross site scripting
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275 TOTVS Fluig Platform mobileredir openApp.jsp cross site scripting
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...
CVE-2023-6275
TOTVS Fluig Platform (versions 1.6.x–1.8.1) is affected by a Cross-Site Scripting in the mobileredir/openApp.jsp component. The vulnerability arises from manipulating the redirectUrl/user parameters, e.g. redirectUrl/user with payloads like >, enabling reflected XSS. The issue may be exploited...
TOTVS Fluig Cross-Site Scripting Vulnerability
TOTVS Fluig is an application from TOTVS Portugal. It is used to automate ERP tasks. A cross-site scripting vulnerability exists in TOTVS Fluig Platform, which stems from the parameter redirectUrl/user in the file /mobileredir/openApp.jsp can lead to a cross-site scripting vulnerability...
TOTVS Fluig Platform Directory Traversal (CVE-2020-29134)
A directory traversal vulnerability exists in TOTVS Fluig Platform. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
Path traversal
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...
CVE-2020-29134
CVE-2020-29134 (Totvs Fluig platform) affects Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4, via a base64-encoded directory traversal in the parameter file. Root cause: path traversal enabling access to filesystem and sensitive files. Impact (as described): reading of sensitive XML files that may...
CVE-2020-29134
The TOTVS Fluig platform allows path traversal through the parameter “file = .. /” encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4 Recent assessments: lucxssouza at March 24, 2021 6:54pm UTC reported: Assessed Attacker Value: 5 Assessed Attacker Value:...
Totvs TOTVS Fluig 路径遍历漏洞
Totvs TOTVS Fluig is an application from the Portuguese company Totvs. It is used to automate ERP tasks. A path traversal vulnerability exists in TOTVS Fluig Luke 1.7.0 that allows directory traversal via base64 encoded files...
Exploit for Path Traversal in Totvs Fluig
Totvs Fluig Platform Fluig is the productivity and...