CVE-2024-51320

Medium CVSS: 5.4

Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdm_fsave_htmltmp, /servlet/gsdm_btlk_openfile components

Vendor

Zucchetti

Product

Ad Hoc Infinity

CWE

CWE-79

Yayın Tarihi

2025-03-11 15:15:42

Güncelleme

2025-05-28 14:50:57

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Ad Hoc Infinity MEDIUM Zucchetti 2025

Referanslar

https://members.backbox.org/zucchetti-ad-hoc-infinity-multiple-vulnerabilities/ https://members.backbox.org/zucchetti-ad-hoc-infinity-multiple-vulnerabilities/

Benzer Kayıtlar

Medium

CVE-2025-61431

A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of Zucchetti ZMaintenance…

Medium

CVE-2025-52180

Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Infinity 4.2 and earlier allows remote unauthenticated atta…

High

CVE-2024-51319

A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attac…

High

CVE-2024-51321

In Zucchetti Ad Hoc Infinity 2.4, an improper check on the m_cURL parameter allows an attacker to redirect the victim to…

Medium

CVE-2024-51322

Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote C…

Medium

CVE-2023-42230

Pat Infinite Solutions HelpdeskAdvanced