gerico-lab

3 exploits Active since Dec 2025
CVE-2025-68914 WRITEUP MEDIUM WRITEUP
Riello UPS NetMan 208 <1.12 - SQL Injection
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table.
CVSS 6.5
CVE-2025-68915 WRITEUP MEDIUM WRITEUP
Riello UPS NetMan 208 <1.12 - XSS
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner.
CVSS 5.5
CVE-2025-68916 WRITEUP CRITICAL WRITEUP
Riello UPS NetMan 208 <1.12 - Path Traversal
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution.
CVSS 9.1