Skip to main content

Gazie

3 CVEs product

Monthly

CVE-2020-21731 MEDIUM This Month

Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Gazie
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-12743 CRITICAL PATCH Act Now

An issue was discovered in Gazie 7.32. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal PHP Information Disclosure Gazie
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2012-1220 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP Gazie
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.2%
EPSS 1% CVSS 6.1
MEDIUM This Month

Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Gazie
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Gazie 7.32. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal PHP Information Disclosure +1
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP Gazie
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy