Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-25069 | 1 Axiositalia | 1 Registro Elettronico | 2022-06-16 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely. | |||||
CVE-2019-25068 | 1 Axiositalia | 1 Registro Elettronico | 2022-06-16 | 6.5 MEDIUM | 8.8 HIGH |
A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely. | |||||
CVE-2019-7693 | 1 Axiositalia | 1 Registro Elettronico | 2019-02-12 | 4.3 MEDIUM | 6.1 MEDIUM |
Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.aspx Error_Parameters parameter. In some situations, the XSS would be on the family.axioscloud.it cloud service; however, the vendor also supports "Sissi in Rete (con server)" for offline operation. | |||||
CVE-2018-18437 | 1 Axiositalia | 1 Registro Elettronico | 2018-12-04 | 4.3 MEDIUM | 6.1 MEDIUM |
In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret/relogoff.aspx has XSS via the Error_Desc parameter. |