Vulnerabilities > Artica > Integria IMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-07 | CVE-2021-3834 | Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92 Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. | 6.1 |
| 2018-12-20 | CVE-2018-1000812 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Artica Integria IMS Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. | 4.3 |
| 2018-12-18 | CVE-2018-19829 | Cross-Site Request Forgery (CSRF) vulnerability in Artica Integria IMS 5.0.83 Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known. | 5.8 |
| 2018-12-17 | CVE-2018-19828 | Cross-site Scripting vulnerability in Artica Integria IMS 5.0.83 Artica Integria IMS 5.0.83 has XSS via the search_string parameter. | 4.3 |