profelis CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

profelis vulnerability overview

Aggregates CVE and security vulnerability intelligence across all profelis-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk command injection and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.

Vulnerability distribution trend (last 24 months)

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2024-7015	Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse. This issue affects PassBox: before v1.2.	[email protected]	7.1	0.11%	2024-09-09	2026-06-03
CVE-2022-25620	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.	[email protected]	3.8	0.54%	2022-03-30	2024-11-21
CVE-2022-25619	Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.	[email protected]	3.8	0.14%	2022-03-30	2024-11-21

cvelogic Threat Intelligence