sapplica

Top products

The 15 most recently published vulnerabilities affecting sapplica.

• CVE-2024-29879Cross-Site Scripting (XSS) vulnerability in Sentrifugo7.1Mar 21, 2024
• CVE-2024-29878Cross-Site Scripting (XSS) vulnerability in Sentrifugo7.1Mar 21, 2024
• CVE-2024-29877Cross-Site Scripting (XSS) vulnerability in Sentrifugo7.1Mar 21, 2024
• CVE-2024-29876SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2024-29875SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2024-29874SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2024-29873SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2024-29872SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2024-29871SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2024-29870SQL injection vulnerability in Sentrifugo9.8Mar 21, 2024
• CVE-2023-29770In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering.8.8Nov 27, 2023
• CVE-2020-28365Sentrifugo 3.2 allows Stored Cross-Site Scripting (XSS) vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, th...6.1Dec 30, 2020
• CVE-2020-26803In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious...8.8Nov 12, 2020
• CVE-2020-26804In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment...8.8Nov 12, 2020
• CVE-2020-26805In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected...7.2Nov 12, 2020