VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Computrols
> Computrols Building Automation Software
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2019-05-24
CVE-2019-10848
Information Exposure Through Discrepancy vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows Username Enumeration.
network
low complexity
computrols
CWE-203
5.3
5.3
2019-05-24
CVE-2019-10847
Cross-Site Request Forgery (CSRF) vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.
network
low complexity
computrols
CWE-352
8.8
8.8
2019-05-23
CVE-2019-10850
Use of Hard-coded Credentials vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 has Default Credentials.
network
low complexity
computrols
CWE-798
critical
9.8
9.8
2019-05-23
CVE-2019-10849
Missing Authorization vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure.
network
low complexity
computrols
CWE-862
7.5
7.5
2019-05-23
CVE-2019-10855
Inadequate Encryption Strength vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 mishandles password hashes.
network
low complexity
computrols
CWE-326
7.5
7.5
2019-05-23
CVE-2019-10854
Command Injection vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows Authenticated Command Injection.
network
low complexity
computrols
CWE-77
8.8
8.8
2019-05-23
CVE-2019-10853
Unspecified vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows Authentication Bypass.
network
high complexity
computrols
8.1
8.1
2019-05-23
CVE-2019-10852
SQL Injection vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.
network
low complexity
computrols
CWE-89
8.8
8.8
2019-05-23
CVE-2019-10851
Use of Hard-coded Credentials vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 has hard-coded encryption keys.
network
low complexity
computrols
CWE-798
6.5
6.5