Vulnerabilities > Computrols
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-24 | CVE-2019-10848 | Information Exposure Through Discrepancy vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Username Enumeration. | 5.0 |
2019-05-24 | CVE-2019-10847 | Cross-Site Request Forgery (CSRF) vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. | 6.8 |
2019-05-23 | CVE-2019-10850 | Use of Hard-coded Credentials vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 has Default Credentials. | 10.0 |
2019-05-23 | CVE-2019-10849 | Missing Authorization vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. | 5.0 |
2019-05-23 | CVE-2019-10846 | Cross-site Scripting vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. | 4.3 |
2019-05-23 | CVE-2019-10855 | Inadequate Encryption Strength vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 mishandles password hashes. | 5.0 |
2019-05-23 | CVE-2019-10854 | Command Injection vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Authenticated Command Injection. | 9.0 |
2019-05-23 | CVE-2019-10853 | Unspecified vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Authentication Bypass. network computrols | 8.3 |
2019-05-23 | CVE-2019-10852 | SQL Injection vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. | 6.5 |
2019-05-23 | CVE-2019-10851 | Key Management Errors vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 has hard-coded encryption keys. | 4.0 |