Vulnerabilities
Vulnerable Software
Precurio:  Security Vulnerabilities
Precurio Intranet Portal 4.4 contains a cross-site request forgery vulnerability that allows attackers to induce authenticated users to submit crafted requests to a profile update endpoint handling file uploads. Attackers can exploit this to upload executable files to web-accessible locations, leading to arbitrary code execution in the context of the web server.
CVSS Score
8.6
EPSS Score
0.002
Published
2026-03-20
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads.
CVSS Score
9.8
EPSS Score
0.037
Published
2019-05-24


Contact Us

Shodan ® - All rights reserved