Zucchetti Ad Hoc Infinity
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Zucchetti Ad Hoc Infinity.
By the Year
In 2026 there have been 0 vulnerabilities in Zucchetti Ad Hoc Infinity. Last year, in 2025 Ad Hoc Infinity had 5 security vulnerabilities published. Right now, Ad Hoc Infinity is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 5 | 6.10 |
It may take a day or so for new Ad Hoc Infinity vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Zucchetti Ad Hoc Infinity Security Vulnerabilities
XSS in Zucchetti Ad Hoc Infinity 4.2 via /ahi/jsp/gsfr_feditorHTML.jsp
CVE-2025-52180
6.1 - Medium
- October 30, 2025
Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Infinity 4.2 and earlier allows remote unauthenticated attackers to inject arbitrary JavaScript via the pHtmlSource parameter of the /ahi/jsp/gsfr_feditorHTML.jsp?pHtmlSource endpoint.
XSS
Ad Hoc Infinity 2.4 Improper Redirect (m_cURL) After Auth
CVE-2024-51321
- March 11, 2025
In Zucchetti Ad Hoc Infinity 2.4, an improper check on the m_cURL parameter allows an attacker to redirect the victim to an attacker-controlled website after the authentication.
Zucchetti Ad Hoc Infinity 2.4 XSS RCE via gsdm_fsave_htmltmp/gsdm_btlk_openfile
CVE-2024-51320
- March 11, 2025
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdm_fsave_htmltmp, /servlet/gsdm_btlk_openfile components
Zucchetti Ad Hoc Infinity 2.4 RCE via LFI in /servlet/Report – JSP upload
CVE-2024-51319
- March 11, 2025
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimg_upload.jsp.
XSS & RCE in Zucchetti Ad Hoc Infinity 2.4 via JSP Components
CVE-2024-51322
- March 11, 2025
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /jsp/home.jsp, /jsp/gsfr_feditorHTML.jsp, /servlet/SPVisualZoom, /jsp/gsmd_container.jsp components
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Zucchetti Ad Hoc Infinity or by Zucchetti? Click the Watch button to subscribe.
