Vulnerabilities > Infodrom

DATE CVE VULNERABILITY TITLE RISK
2023-07-25 CVE-2023-35066 SQL Injection vulnerability in Infodrom E-Invoice Approval System
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infodrom Software E-Invoice Approval System allows SQL Injection.This issue affects E-Invoice Approval System: before v.20230701.
network
low complexity
infodrom CWE-89
critical
9.8
2023-07-25 CVE-2023-35067 Unprotected Storage of Credentials vulnerability in Infodrom E-Invoice Approval System
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable.This issue affects E-Invoice Approval System: before v.20230701.
network
low complexity
infodrom CWE-256
7.5
2001-08-02 CVE-2001-0609 Off-by-one Error vulnerability in Infodrom Cfingerd
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
network
low complexity
infodrom CWE-193
critical
9.8
1999-09-21 CVE-1999-0708 Unspecified vulnerability in Infodrom Cfingerd 1.4.2
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
local
low complexity
infodrom
7.2
1999-08-10 CVE-1999-0813 Unspecified vulnerability in Infodrom Cfingerd
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.
local
low complexity
infodrom
7.2
1997-05-23 CVE-1999-0259 Unspecified vulnerability in Infodrom Cfingerd 1.2.2
cfingerd lists all users on a system via search.**@target.
network
low complexity
infodrom
5.0