Manuel Scala

8 exploits Active since Sep 2024
CVE-2026-30251 WRITEUP MEDIUM WRITEUP
ZenShare Suite 17.0 - XSS
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
CVSS 6.1
CVE-2026-30252 WRITEUP MEDIUM WRITEUP
ZenShare Suite 17.0 - Reflected XSS
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
CVSS 6.1
CVE-2024-46644 WRITEUP MEDIUM WRITEUP
Enms < 4.7.1 - Path Traversal
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file.
CVSS 6.5
CVE-2024-46645 WRITEUP HIGH WRITEUP
Enms - Path Traversal
eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.
CVSS 7.5
CVE-2024-46646 WRITEUP MEDIUM WRITEUP
Enms < 4.7.1 - Path Traversal
eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.
CVSS 6.5
CVE-2024-46647 WRITEUP MEDIUM WRITEUP
Enms < 4.7.1 - Path Traversal
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files.
CVSS 6.5
CVE-2024-46648 WRITEUP HIGH WRITEUP
Enms < 4.7.1 - Path Traversal
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder.
CVSS 7.5
CVE-2024-46649 WRITEUP HIGH WRITEUP
Enms < 4.7.1 - Path Traversal
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder.
CVSS 7.5