Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-45861 | Use of Hard-coded Credentials vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-19 | CVE-2024-45862 | Cleartext Storage of Sensitive Information vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-19 | CVE-2024-46394 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add | 8.8 |
| 2024-09-19 | CVE-2024-46382 | SQL Injection vulnerability in Linlinjava Litemall 1.8.0 A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminGoodscontroller.java. | 7.5 |
| 2024-09-19 | CVE-2024-45769 | A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. local low complexity | 5.5 |
| 2024-09-19 | CVE-2024-45770 | A vulnerability was found in Performance Co-Pilot (PCP). | 4.4 |
| 2024-09-19 | CVE-2024-47087 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47088 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-19 | CVE-2024-47089 | Improper Validation of Integrity Check Value vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47085 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters (cCdslClicentcode and cLdClientCode) in the API endpoint. | 6.5 |