Vulnerabilities > Oceanicsoft

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-27	CVE-2024-8607	SQL Injection vulnerability in Oceanicsoft Valeapp Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection.This issue affects ValeApp: before v2.0.0. network low complexity oceanicsoft CWE-89 critical	9.8
2024-09-27	CVE-2024-8608	Cross-site Scripting vulnerability in Oceanicsoft Valeapp Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0. network low complexity oceanicsoft CWE-79	5.4
2024-09-27	CVE-2024-8609	Information Exposure Through Log Files vulnerability in Oceanicsoft Valeapp Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0. network low complexity oceanicsoft CWE-532	7.5
2024-09-27	CVE-2024-8643	Session Fixation vulnerability in Oceanicsoft Valeapp Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking.This issue affects ValeApp: before v2.0.0. network low complexity oceanicsoft CWE-384 critical	9.8
2024-09-27	CVE-2024-8644	Cleartext Storage of Sensitive Information vulnerability in Oceanicsoft Valeapp Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: before v2.0.0. network low complexity oceanicsoft CWE-312	7.5

Vulnerabilities > Oceanicsoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Oceanicsoft"}]}

Vulnerabilities > Oceanicsoft