Product
sahipro sahi pro
8 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2019-13066
CVE-2019-13063
CVE-2019-15102
CVE-2019-13597
CVE-2018-20472
CVE-2018-20470
CVE-2018-20469
CVE-2018-20468
all versions
Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBReports with many different areas that are vulnerable to reflec
all versions
Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script param
>= 6.0.0 and <= 8.0.0
An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner_Non_distributed (and distributed end points) does not have
all versions
_s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Lau
<= 8.0.0
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS.
<= 8.0.0
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exis
<= 8.0.0
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL in
<= 8.0.0
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vul