Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sefrengo Security Vulnerabilities

cve
cve

CVE-2015-0918

Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/main.php.

5.9AI Score

0.01EPSS

2022-10-03 04:16 PM
22
cve
cve

CVE-2015-0919

Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter to backend/main.php.

8.7AI Score

0.008EPSS

2022-10-03 04:16 PM
14
cve
cve

CVE-2015-1428

Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authenticated users to execute arbitrary SQL commands via the value_id parameter in a save_value action t...

8.2AI Score

0.02EPSS

2015-02-03 04:59 PM
25
cve
cve

CVE-2015-5052

SQL injection vulnerability in Sefrengo before 1.6.5 beta2.

9.8CVSS

9.7AI Score

0.002EPSS

2017-09-07 08:29 PM
17