VYPR
Vendor

Solucija

Products
3
CVEs
15
Across products
23
Status
Private

Products

3

Recent CVEs

15
  • CVE-2018-1000547MedJun 26, 2018
    risk 0.35cvss 5.3epss 0.01

    coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to. .

  • CVE-2010-2926Jul 30, 2010
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter.

  • CVE-2006-0715Feb 15, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote attackers to inject arbitrary web script or HTML via the comment field.

  • CVE-2005-3853Nov 27, 2005
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category parameters to index.php.

  • CVE-2023-48029Nov 17, 2023
    risk 0.00cvss epss 0.01

    Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject a malicious command into a table. This vulnerability is exploited when an administrator visits the user management section, exports the data to a CSV file, and then opens it, leading…

  • CVE-2023-3075Jun 2, 2023
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3074Jun 2, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3071Jun 2, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3069Jun 2, 2023
    risk 0.00cvss epss 0.01

    Unverified Password Change in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3070Jun 2, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

  • CVE-2023-3073Jun 2, 2023
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc.

  • CVE-2023-1527Mar 21, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0.

  • CVE-2022-4446Dec 13, 2022
    risk 0.00cvss epss 0.01

    PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.

  • CVE-2006-3916Jul 28, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.

  • CVE-2006-0716Feb 15, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in index.php in sNews 1.3 allows remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.