22 matches found
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
EUVD-2020-2687
Malware in sbrugna...
EUVD-2020-2686
Malware in sbrugna...
EUVD-2020-2685
Malware in sbrugna...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
Cross site scripting
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
Unrestricted file upload
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
Cross site request forgery (csrf)
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10227
CVE-2020-10227 describes a cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE, where an attacker can inject arbitrary JavaScript via the From field of an email. Affected component: vtenext/vtecrm 19 CE, Messages module. Root cause: input handling in the email ...
CVE-2020-10228
CVE-2020-10228 affects vtecrm/vtenext 19 CE and is a file upload vulnerability that allows authenticated users to upload a .pht file, enabling remote code execution. Public discussions and exploits exist (e.g., Exploit-DB) describing the chain to achieve RCE. Multiple catalogs (NVD, Red Hat, CNVD...
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...