Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and...
7.5CVSS
7.5AI Score
0.025EPSS
Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to...
6.1CVSS
6.2AI Score
0.001EPSS
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3)...
9.8CVSS
10AI Score
0.006EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to...
6.1CVSS
6AI Score
0.001EPSS