Vulnerabilities > Computrols

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2019-05-24 | CVE-2019-10848 | Information Exposure Through Discrepancy vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 allows Username Enumeration. | network | low complexity | computrols | CWE-203 | 5.3 |
| 2019-05-24 | CVE-2019-10847 | Cross-Site Request Forgery (CSRF) vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. | network | low complexity | computrols | CWE-352 | 8.8 |
| 2019-05-23 | CVE-2019-10850 | Use of Hard-coded Credentials vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 has Default Credentials. | network | low complexity | computrols | CWE-798 | 9.8 (critical) |
| 2019-05-23 | CVE-2019-10849 | Missing Authorization vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. | network | low complexity | computrols | CWE-862 | 7.5 |
| 2019-05-23 | CVE-2019-10846 | Cross-site Scripting vulnerability in Computrols Building Automation System | Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. | network | low complexity | computrols | CWE-79 | 6.1 |
| 2019-05-23 | CVE-2019-10855 | Inadequate Encryption Strength vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 mishandles password hashes. | network | low complexity | computrols | CWE-326 | 7.5 |
| 2019-05-23 | CVE-2019-10854 | Command Injection vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 allows Authenticated Command Injection. | network | low complexity | computrols | CWE-77 | 8.8 |
| 2019-05-23 | CVE-2019-10853 | Unspecified vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 allows Authentication Bypass. | network | high complexity | computrols | | 8.1 |
| 2019-05-23 | CVE-2019-10852 | SQL Injection vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. | network | low complexity | computrols | CWE-89 | 8.8 |
| 2019-05-23 | CVE-2019-10851 | Use of Hard-coded Credentials vulnerability in Computrols Building Automation Software | Computrols CBAS 18.0.0 has hard-coded encryption keys. | network | low complexity | computrols | CWE-798 | 6.5 |