Vulnerabilities > Kevinlab

DATE CVE VULNERABILITY TITLE RISK
2022-04-11 CVE-2021-37291 SQL Injection vulnerability in Kevinlab 4ST L-Bems 1.0.0
An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the input_id POST parameter in index.php.
network
low complexity
kevinlab CWE-89
7.5
2022-04-11 CVE-2021-37292 Unspecified vulnerability in Kevinlab 4ST L-Bems 1.0.0
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account.
network
low complexity
kevinlab
critical
9.0
2022-04-11 CVE-2021-37293 Path Traversal vulnerability in Kevinlab 4ST L-Bems 1.0.0
A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in index.php.
network
low complexity
kevinlab CWE-22
4.0