Vulnerabilities > Zucchetti

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-14	CVE-2021-42369	SQL Injection vulnerability in Zucchetti Imagicle UC Suite Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. network low complexity zucchetti CWE-89	8.8
2019-10-30	CVE-2019-18207	Cross-site Scripting vulnerability in Zucchetti Infobusiness 4.4.1 In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. network low complexity zucchetti CWE-79	5.4
2019-10-30	CVE-2019-18206	Cross-Site Request Forgery (CSRF) vulnerability in Zucchetti Infobusiness 4.4.1 A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including 4.4.1 allows arbitrary file upload. network low complexity zucchetti CWE-352	8.8
2019-10-30	CVE-2019-18205	Cross-site Scripting vulnerability in Zucchetti Infobusiness 4.4.1 Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in Zucchetti InfoBusiness before and including 4.4.1. network low complexity zucchetti CWE-79	6.1
2019-10-30	CVE-2019-18204	Unrestricted Upload of File with Dangerous Type vulnerability in Zucchetti Infobusiness 4.4.1 Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php files in order to achieve code execution. network low complexity zucchetti CWE-434	8.8
2019-06-19	CVE-2019-10257	Path Traversal vulnerability in Zucchetti HR Portal 20190315 Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. network low complexity zucchetti CWE-22	7.5

Vulnerabilities > Zucchetti {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zucchetti"}]}

Vulnerabilities > Zucchetti