Vulnerabilities > Planetestream > Planet Estream > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-25 | CVE-2022-45893 | Improper Restriction of Excessive Authentication Attempts vulnerability in Planetestream Planet Estream Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative and high-privileged user accounts by changing the value of the ON cookie. | 8.8 |
| 2022-12-25 | CVE-2022-45889 | SQL Injection vulnerability in Planetestream Planet Estream Planet eStream before 6.72.10.07 allows a remote attacker (who is a publisher or admin) to obtain access to all records stored in the database, and achieve the ability to execute arbitrary SQL commands, via Search (the StatisticsResults.aspx flt parameter). | 7.2 |