Vulnerabilities > Inetsoftware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-12684 | XXE vulnerability in Inetsoftware I-Net Clear Reports 19.0.287 XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML parser. | 9.8 |
| 2020-05-07 | CVE-2020-11431 | Path Traversal vulnerability in Inetsoftware Clear Reports, Helpdesk and Pdfc The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal. | 9.1 |