Lucene search

Gespage Security Vulnerabilities

cve

CVE-2021-33807

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and...

7.5CVSS

7.5AI Score

0.025EPSS

2021-07-12 03:15 PM

cve

CVE-2018-9147

Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to...

6.1CVSS

6.2AI Score

0.001EPSS

2018-03-30 04:29 PM

cve

CVE-2017-7997

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3)...

9.8CVSS

10AI Score

0.006EPSS

2018-01-08 07:29 PM

cve

CVE-2017-7998

Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to...

6.1CVSS

6AI Score

0.001EPSS

2018-01-08 07:29 PM