Vulnerabilities > Profelis > Sambabox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-30 | CVE-2022-25619 | Command Injection vulnerability in Profelis Sambabox Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. | 6.7 |
| 2022-03-30 | CVE-2022-25620 | Cross-site Scripting vulnerability in Profelis Sambabox Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. | 9.0 |