Skip to main content

Centraleyezer

3 CVEs product

Monthly

CVE-2019-12311 MEDIUM POC This Month

Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS File Upload Centraleyezer
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2019-12299 MEDIUM POC This Month

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Centraleyezer
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-12271 CRITICAL POC Act Now

Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Centraleyezer
NVD
CVSS 3.1
9.8
EPSS
2.0%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS File Upload Centraleyezer
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Centraleyezer
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Centraleyezer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy