Vulnerabilidades em devcode-it
16 resultadosCVE-2025-69212CRITICALOpenSTAManager has an OS Command Injection in P7M File ProcessingEPSS 1.8%CVE-2026-35168HIGHOpenSTAManager: SQL Injection via Aggiornamenti ModuleEPSS 0.7%CVE-2026-29782HIGHOpenSTAManager: Remote Code Execution via Insecure Deserialization in OAuth2EPSS 0.6%CVE-2026-27012CRITICALUnauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.phpEPSS 0.5%CVE-2026-28805HIGHOpenSTAManager: Time-Based Blind SQL Injection via `options[stato]` ParameterEPSS 0.5%CVE-2025-69214HIGHOpenSTAManager has a SQL Injection in ajax_select.php (componenti endpoint)EPSS 0.4%CVE-2026-35470HIGHOpenSTAManager has a SQL Injection via righe Parameter in confronta_righe ModalsEPSS 0.4%CVE-2025-69213HIGHOpenSTAManager has a SQL Injection in ajax_complete.php (get_sedi endpoint)EPSS 0.4%CVE-2025-69215HIGHOpenSTAManager has an SQL Injection in the Stampe ModuleEPSS 0.4%CVE-2026-24416HIGHOpenSTAManager has a Time-Based Blind SQL Injection in Article Pricing ModuleEPSS 0.4%CVE-2026-24417HIGHOpenSTAManager has a Time-Based Blind SQL Injection with Amplified Denial of ServiceEPSS 0.4%CVE-2026-24418HIGHOpenSTAManager has an SQL Injection vulnerability in the Scadenzario bulk operations moduleEPSS 0.4%CVE-2025-69216HIGHOpenSTAManager has an SQL Injection in Scadenzario Print TemplateEPSS 0.4%CVE-2026-24419HIGHOpenSTAManager has an SQL Injection in the Prima Nota moduleEPSS 0.3%CVE-2025-65103HIGHOpenSTAManager has an authenticated SQL Injection vulnerability in API via 'display' parameterEPSS 0.3%CVE-2026-24415MEDIUMOpenSTAManager affected by reflected XSS in modifica_iva.php via righe parameterEPSS 0.2%