Filtered by vendor Frangoteam
Subscriptions
Filtered by product Fuxa
Subscriptions
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-33831 | 1 Frangoteam | 1 Fuxa | 2024-09-25 | 9.8 Critical |
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request. | ||||
CVE-2023-31718 | 1 Frangoteam | 1 Fuxa | 2024-09-25 | 7.5 High |
FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download. | ||||
CVE-2023-31716 | 1 Frangoteam | 1 Fuxa | 2024-09-25 | 7.5 High |
FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log | ||||
CVE-2023-31717 | 1 Frangoteam | 1 Fuxa | 2024-09-24 | 7.5 High |
A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. | ||||
CVE-2023-31719 | 1 Frangoteam | 1 Fuxa | 2024-09-24 | 9.8 Critical |
FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. | ||||
CVE-2021-45851 | 1 Frangoteam | 1 Fuxa | 2024-08-04 | 7.5 High |
A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server's internal environment and services, often potentially leading to the attacker executing commands on the server. |
Page 1 of 1.