Vulnerabilities > Mahadiscom

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-08	CVE-2020-27416	Insufficient Session Expiration vulnerability in Mahadiscom Mahavitaran 7.50 Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account. network low complexity mahadiscom CWE-613 critical	9.8
2021-12-07	CVE-2021-41716	Improper Authentication vulnerability in Mahadiscom Mahavitaran 7.50 Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function network low complexity mahadiscom CWE-287 critical	9.8
2021-12-07	CVE-2020-27413	Insufficiently Protected Credentials vulnerability in Mahadiscom Mahavitaran 7.50 An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application. local low complexity mahadiscom CWE-522	4.2
2021-12-02	CVE-2020-27414	Information Exposure vulnerability in Mahadiscom Mahavitaran 7.50 Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters. network high complexity mahadiscom CWE-200	5.9

Vulnerabilities > Mahadiscom {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mahadiscom"}]}