Vulnerabilities > Metersphere

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2021-45788	SQL Injection vulnerability in Metersphere 1.15.4 Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter. network low complexity metersphere CWE-89	8.8
2022-09-29	CVE-2021-45789	Unspecified vulnerability in Metersphere 1.15.4 An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function. network low complexity metersphere	6.5
2022-09-29	CVE-2021-45790	Unrestricted Upload of File with Dangerous Type vulnerability in Metersphere 1.15.4 An arbitrary file upload vulnerability was found in Metersphere v1.15.4. network low complexity metersphere CWE-434 critical	9.8

Vulnerabilities > Metersphere {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Metersphere"}]}