Vulnerabilities > Orpak
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-03 | CVE-2017-14854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Orpak Siteomat 6.4.414.084 A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. | 7.5 |
| 2019-06-03 | CVE-2017-14853 | Code Injection vulnerability in Orpak Siteomat 6.4.414.084 The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. | 10.0 |
| 2019-06-03 | CVE-2017-14852 | Cryptographic Issues vulnerability in Orpak Siteomat An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. | 5.0 |
| 2019-06-03 | CVE-2017-14851 | SQL Injection vulnerability in Orpak Siteomat A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. | 7.5 |
| 2019-06-03 | CVE-2017-14850 | Cross-site Scripting vulnerability in Orpak Siteomat All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. | 4.3 |
| 2019-06-03 | CVE-2017-14728 | Use of Hard-coded Credentials vulnerability in Orpak Siteomat An authentication bypass was found in an unknown area of the SiteOmat source code. | 7.5 |