22 matches found
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
EUVD-2020-2687
Malware in sbrugna...
EUVD-2020-2686
Malware in sbrugna...
EUVD-2020-2685
Malware in sbrugna...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
Cross site request forgery (csrf)
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...
Unrestricted file upload
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
Cross site scripting
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10227
CVE-2020-10227 describes a cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE, where an attacker can inject arbitrary JavaScript via the From field of an email. Affected component: vtenext/vtecrm 19 CE, Messages module. Root cause: input handling in the email ...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10228
CVE-2020-10228 affects vtecrm/vtenext 19 CE and is a file upload vulnerability that allows authenticated users to upload a .pht file, enabling remote code execution. Public discussions and exploits exist (e.g., Exploit-DB) describing the chain to achieve RCE. Multiple catalogs (NVD, Red Hat, CNVD...
CVE-2020-10228
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...
CVE-2020-10229
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...