Vulnerabilities > Sahipro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-29 | CVE-2019-13066 | Cross-site Scripting vulnerability in Sahipro Sahi PRO 8.0.0 Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBReports with many different areas that are vulnerable to reflected XSS, by updating a script's Script Name, Suite Name, Base URL, Android, iOS, Scripts Run, Origin Machine, or Comment field. | 6.1 |
| 2019-09-23 | CVE-2019-13063 | Path Traversal vulnerability in Sahipro Sahi PRO 8.0.0 Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. | 7.5 |
| 2019-09-06 | CVE-2019-15102 | Missing Authentication for Critical Function vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. | 9.8 |
| 2019-07-14 | CVE-2019-13597 | OS Command Injection vulnerability in Sahipro Sahi PRO 8.0.0 _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. | 9.8 |
| 2019-06-17 | CVE-2018-20472 | Cross-site Scripting vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. | 5.4 |
| 2019-06-17 | CVE-2018-20470 | Path Traversal vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. | 7.5 |
| 2019-06-17 | CVE-2018-20469 | SQL Injection vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. | 9.8 |
| 2019-06-17 | CVE-2018-20468 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. | 8.8 |