Vulnerabilities > Iblsoft

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-26	CVE-2020-9407	Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. network low complexity iblsoft CWE-312	5.3
2020-02-26	CVE-2020-9406	Code Injection vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service. network low complexity iblsoft CWE-94 critical	9.8
2020-02-26	CVE-2020-9405	Cross-site Scripting vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page. network low complexity iblsoft CWE-79	6.1

Vulnerabilities > Iblsoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Iblsoft"}]}