Vulnerabilities > Bladex

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-02	CVE-2023-47458	Missing Authorization vulnerability in Bladex Springblade 3.2.0/3.6.0/3.7.0 An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework. network low complexity bladex CWE-862 critical	9.8
2023-09-19	CVE-2023-40788	Exposure of Resource to Wrong Sphere vulnerability in Bladex Springblade 3.2.0/3.6.0 SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs network low complexity bladex CWE-668	5.3
2023-08-29	CVE-2023-40787	SQL Injection vulnerability in Bladex Springblade 3.6.0 In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection. network low complexity bladex CWE-89 critical	9.8
2022-05-05	CVE-2022-27360	SQL Injection vulnerability in Bladex Springblade 3.2.0 SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment. network low complexity bladex CWE-89 critical	9.8

Vulnerabilities > Bladex {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bladex"}]}