Vulnerabilities > Adremsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-12-16 CVE-2019-14481 Cross-Site Request Forgery (CSRF) vulnerability in Adremsoft Netcrunch 10.6.0.4587
AdRem NetCrunch 10.6.0.4587 has a Cross-Site Request Forgery (CSRF) vulnerability in the NetCrunch web client.
network
low complexity
adremsoft CWE-352
5.4
5.4
2020-12-16 CVE-2019-14478 Cross-site Scripting vulnerability in Adremsoft Netcrunch 10.6.0.4587
AdRem NetCrunch 10.6.0.4587 has a stored Cross-Site Scripting (XSS) vulnerability in the NetCrunch web client.
network
low complexity
adremsoft CWE-79
5.4
5.4
2020-12-16 CVE-2019-14476 Server-Side Request Forgery (SSRF) vulnerability in Adremsoft Netcrunch 10.6.0.4587
AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server.
network
low complexity
adremsoft CWE-918
6.5
6.5
2020-12-16 CVE-2019-14477 Insufficiently Protected Credentials vulnerability in Adremsoft Netcrunch
AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted.
local
low complexity
adremsoft CWE-522
5.5
5.5