Vulnerabilities > Kwoksys

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-06	CVE-2022-45326	XXE vulnerability in Kwoksys Information Server An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks. network low complexity kwoksys CWE-611	4.9
2013-10-11	CVE-2013-5028	SQL Injection vulnerability in Kwoksys Information Server 2.8.3/2.8.4 SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command. network low complexity kwoksys CWE-89	6.5

Vulnerabilities > Kwoksys {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Kwoksys"}]}