Manuel Scala - Security Researcher - Exploit Intelligence Platform

CVE-2026-30251 WRITEUP MEDIUM WRITEUP

Interzen ZenShare Suite 17.0 - Reflected Cross-Site Scripting via codice_azienda Parameter

A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.

CVSS 6.1

View Code

CVE-2026-30252 WRITEUP MEDIUM WRITEUP

ZenShare Suite 17.0 - Reflected XSS

Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.

CVSS 6.1

View Code

CVE-2024-46644 WRITEUP MEDIUM WRITEUP

eNMS 4.4.0-4.7.1 - Path Traversal via edit_file

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file.

CVSS 6.5

View Code

CVE-2024-46645 WRITEUP HIGH WRITEUP

eNMS 4.0.0 - Path Traversal via get_tree_files

eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.

CVSS 7.5

View Code

CVE-2024-46646 WRITEUP MEDIUM WRITEUP

eNMS < 4.7.1 - Path Traversal via /download/file

eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.

CVSS 6.5

View Code

CVE-2024-46647 WRITEUP MEDIUM WRITEUP

eNMS 4.4.0-4.7.1 - Path Traversal via upload_files

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files.

CVSS 6.5

View Code

CVE-2024-46648 WRITEUP HIGH WRITEUP

eNMS 4.4.0-4.7.1 - Path Traversal via scan_folder

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder.

CVSS 7.5

View Code

CVE-2024-46649 WRITEUP HIGH WRITEUP

eNMS < 4.7.1 - Path Traversal via Download Folder

eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder.

CVSS 7.5

View Code