Submit #616920: Vaelsys Vaelsys V4 v4.1.0 Remote Code Execution in Vaelsys V4 Platforminfo

Titel	Vaelsys Vaelsys V4 v4.1.0 Remote Code Execution in Vaelsys V4 Platform
Beschreibung	The vulnerability allows arbitrary command execution by injecting malicious payloads into unfiltered user input parameters that are processed in `execute_DataObjectProc` by `testConnectivity` function located in `grid/vgrid_server.php`. Prerequisites: Valid PHP session ID (PHPSESSID) required; No authentication required.
Quelle	⚠️ https://github.com/waiwai24/0101/blob/main/CVEs/Vaelsys/Remote_Code_Execution_in_Vaelsys_V4_Platform.md
Benutzer	waiwai24 (UID 81637)
Einreichung	16.07.2025 11:03 (vor 9 Monaten)
Moderieren	26.07.2025 18:14 (10 days later)
Status	Akzeptiert
VulDB Eintrag	317847 [Vaelsys VaelsysV4 bis 5.1.0/5.4.0 Web interface /grid/vgrid_server.php execute_DataObjectProc xajaxargs erweiterte Rechte]
Punkte	19

Might our Artificial Intelligence support you?

Check our Alexa App!