cbcvebase.

Axiositalia Registro Elettronico vulnerabilities

4 known vulnerabilities affecting axiositalia/registro_elettronico.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2018-18437P3MEDIUMCVSS 6.1PoCv1.7.02018-10-23
CVE-2018-18437 [MEDIUM] CWE-79 CVE-2018-18437: In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret/relogoff.aspx has XSS via the In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret/relogoff.aspx has XSS via the Error_Desc parameter.
nvd
CVE-2019-25068P3HIGHCVSS 8.8v1.7.0v7.0.02022-06-09
CVE-2019-25068 [HIGH] CWE-269 CVE-2019-25068: A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerab A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely.
nvd
CVE-2019-25069P3HIGHCVSS 7.5v1.7.0v7.0.02022-06-09
CVE-2019-25069 [HIGH] CWE-200 CVE-2019-25069: A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/ A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely.
nvd
CVE-2019-7693P4MEDIUMCVSS 6.1v1.7.0v7.0.02019-02-10
CVE-2019-7693 [MEDIUM] CWE-79 CVE-2019-7693: Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.aspx Error_Parameters parameter. Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.aspx Error_Parameters parameter. In some situations, the XSS would be on the family.axioscloud.it cloud service; however, the vendor also supports "Sissi in Rete (con server)" for offline operation.
nvd
Axiositalia Registro Elettronico vulnerabilities | cvebase