Sahi Pro

sahi_pro

Vendor: Sahipro • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13066 1Sahipro 1Sahi Pro Nov 21, 2024 Oct 29, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBReports with many different areas that are vulnerable to reflected XSS, by updating a script's Script Name, Suite Name, Base URL, Android, iOS, Scripts R...Show more Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBReports with many different areas that are vulnerable to reflected XSS, by updating a script's Script Name, Suite Name, Base URL, Android, iOS, Scripts Run, Origin Machine, or Comment field. The sql parameter can be used to trigger reflected XSS.Show less
CVE-2019-13063 1Sahipro 1Sahi Pro Nov 21, 2024 Sep 23, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pul...Show more Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion.Show less
CVE-2019-15102 1Sahipro 1Sahi Pro Nov 21, 2024 Sep 6, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner_Non_distributed (and distributed end points) does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the...Show more An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner_Non_distributed (and distributed end points) does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intended for remote access to scripts. This web interface lacks server-side validation, which allows an attacker to create/modify/delete a script remotely without any password. Chaining both of these issues results in remote code execution on the Sahi Pro server.Show less
CVE-2019-13597 1Sahipro 1Sahi Pro Nov 21, 2024 Jul 14, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute command...Show more _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute commands on the server using the _execute() function.Show less
CVE-2018-20472 1Sahipro 1Sahi Pro Nov 21, 2024 Jun 17, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS.
CVE-2018-20470 1Sahipro 1Sahi Pro Nov 21, 2024 Jun 17, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitiv...Show more An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.Show less
CVE-2018-20469 1Sahipro 1Sahi Pro Nov 21, 2024 Jun 17, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions.
CVE-2018-20468 1Sahipro 1Sahi Pro Nov 21, 2024 Jun 17, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script...Show more An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution.Show less