Vulnerabilities > Escanav > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-31 | CVE-2023-33730 | Cleartext Transmission of Sensitive Information vulnerability in Escanav Escan Management Console 14.0.1400.2281 Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format. | 9.8 |
| 2023-05-17 | CVE-2023-31703 | Cross-site Scripting vulnerability in Escanav Escan Management Console 14.0.1400.2281 Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter. | 9.0 |
| 2022-04-01 | CVE-2021-26624 | Improper Input Validation vulnerability in Escanav Escan Anti-Virus An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. | 10.0 |