2 matches found
PT-2023-31031 · Unknown · Smpn1Smg Absis
Name of the Vulnerable Software and Affected Versions: smpn1smg absis versions 2017-10-19 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the nama parameter in the "lock/lock.php" file. This is a Cross Site Scripting vulnerability. Recommendations: For...
CVE-2017-14853
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device...