Vertigis Fm vulnerabilities
2 known vulnerabilities affecting vertigis/vertigis_fm.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-0522P2HIGHCVSS 8.8fixed in 10.11.3632026-04-01
CVE-2026-0522 [HIGH] CWE-610 CVE-2026-0522: A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allo
A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allows authenticated attackers to read arbitrary files from the server by manipulating a file's path during its upload. When the file is subsequently downloaded, the file in the attacker controlled path is returned. Due to the application's ASP.NET architectu
nvd
CVE-2026-3877P4MEDIUMCVSS 6.1fixed in 10.13.4032026-04-01
CVE-2026-3877 [MEDIUM] CWE-79 CVE-2026-3877: A reflected cross-site scripting (XSS) vulnerability in the dashboard search functionality of the Ve
A reflected cross-site scripting (XSS) vulnerability in the dashboard search functionality of the VertiGIS FM solution allows attackers to craft a malicious URL, that if visited by an authenticated victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through various means, for instance, by sending a link or b
nvd