A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-03-21
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts.
CVSS Score
3.5
EPSS Score
0.003
Published
2022-03-21
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands.
CVSS Score
8.8
EPSS Score
0.296
Published
2022-03-21