Known Vulnerabilities for products from Frangoteam
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Frangoteam".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-33831 json | A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbi... | 9.8 - CRITICAL | 2023-09-18 | 2023-09-19 |
| CVE-2023-31719 json | FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. | 9.8 - CRITICAL | 2023-09-22 | 2023-09-25 |
| CVE-2023-31718 json | FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download. | 7.5 - HIGH | 2023-09-22 | 2023-09-25 |
| CVE-2023-31717 json | A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. | 7.5 - HIGH | 2023-09-22 | 2023-09-25 |
| CVE-2023-31716 json | FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log | 7.5 - HIGH | 2023-09-22 | 2023-09-25 |
| CVE-2021-45851 json | A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive informatio... | 7.5 - HIGH | 2022-03-16 | 2022-03-23 |