Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

NVD
NVDadded 2020/09/14 8:15 p.m.11 views

CVE-2020-10228

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

8.8CVSS0.0681EPSS
Exploits2References3
Prion
Prionadded 2020/09/14 8:15 p.m.12 views

Cross site scripting

A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...

4.3CVSS6.2AI score0.00509EPSS
Exploits3References3Affected Software1
Prion
Prionadded 2020/09/14 8:15 p.m.13 views

Unrestricted file upload

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

6.5CVSS8.8AI score0.0681EPSS
Exploits2References3Affected Software1
Cvelist
Cvelistadded 2020/09/14 7:58 p.m.10 views

CVE-2020-10227

A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...

6.4AI score0.00509EPSS
Exploits3References3
CVE
CVEadded 2020/09/14 7:58 p.m.76 views

CVE-2020-10227

CVE-2020-10227 describes a cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE, where an attacker can inject arbitrary JavaScript via the From field of an email. Affected component: vtenext/vtecrm 19 CE, Messages module. Root cause: input handling in the email ...

6.1CVSS6.2AI score0.00509EPSS
Exploits3References3Affected Software1
Cvelist
Cvelistadded 2020/09/14 7:56 p.m.9 views

CVE-2020-10228

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

8.9AI score0.0681EPSS
Exploits2References3
CVE
CVEadded 2020/09/14 7:56 p.m.73 views

CVE-2020-10228

CVE-2020-10228 affects vtecrm/vtenext 19 CE and is a file upload vulnerability that allows authenticated users to upload a .pht file, enabling remote code execution. Public discussions and exploits exist (e.g., Exploit-DB) describing the chain to achieve RCE. Multiple catalogs (NVD, Red Hat, CNVD...

8.8CVSS8.8AI score0.0681EPSS
Exploits2References3Affected Software1
CVE
CVEadded 2020/09/14 7:55 p.m.65 views

CVE-2020-10229

CVE-2020-10229 describes a CSRF vulnerability in VTENEXT 19 CE (vtecrm) that enables an attacker to perform administrator-level actions on behalf of a logged-in admin, including uploading files, adding users, and deleting accounts. Public sources in the connected set include references to Red Hat...

8.8CVSS8.6AI score0.00397EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Stormadded 2020/09/11 12:0 a.m.566 views

VTENEXT 19 CE Remote Code Execution

!/usr/bin/python3 Exploit Title: VTENEXT 19 CE - Remote Code Execution Google Dork: n/a Date: 2020/09/09 Exploit Author: Marco Ruela Vendor Homepage: https://www.vtenext.com/en/ Software Link: Vendor removed vulnerable version from sourceforge.net Version: 19 CE Tested on: Ubuntu 16.04 CVE : N/A...

0.0681EPSS
Exploits4
Exploit DB
Exploit DBadded 2020/09/11 12:0 a.m.720 views

VTENEXT 19 CE - Remote Code Execution

!/usr/bin/python3 Exploit Title: VTENEXT 19 CE - Remote Code Execution Google Dork: n/a Date: 2020/09/09 Exploit Author: Marco Ruela Vendor Homepage: https://www.vtenext.com/en/ Software Link: Vendor removed vulnerable version from sourceforge.net Version: 19 CE Tested on: Ubuntu 16.04 CVE : N/A...

8.8CVSS7.5AI score0.0681EPSS
Exploits3
Rows per page
Query Builder