Vulnerabilities > Printeron

DATE CVE VULNERABILITY TITLE RISK
2019-07-29 CVE-2018-17213 Improper Authentication vulnerability in Printeron Central Print Services 2.5/4.1.4
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4.
network
low complexity
printeron CWE-287
8.8
2019-07-29 CVE-2018-17211 Information Exposure vulnerability in Printeron Central Print Services 2.5/4.1.4
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4.
network
low complexity
printeron CWE-200
5.3
2019-07-20 CVE-2018-17210 Improper Authorization vulnerability in Printeron Central Print Services 2.5/4.1.4
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4.
network
low complexity
printeron CWE-285
8.8
2019-04-23 CVE-2018-17169 XXE vulnerability in Printeron
An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
network
low complexity
printeron CWE-611
7.7
2019-04-18 CVE-2018-17168 Cross-Site Request Forgery (CSRF) vulnerability in Printeron 4.1.4
PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery (CSRF) vulnerabilities in the Administration page.
network
low complexity
printeron CWE-352
6.5
2019-03-21 CVE-2018-17167 Cross-site Scripting vulnerability in Printeron 4.1.4
PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Machine Host Name" or "Server Serial Number" field in the clustering configuration, (2) "name" field in the Edit Group configuration, (3) "Rule Name" field in the Access Control configuration, (4) "Service Name" in the Service Configuration, or (5) First Name or Last Name field in the Edit Account configuration.
network
low complexity
printeron CWE-79
5.4
2018-12-17 CVE-2018-19936 Improper Input Validation vulnerability in Printeron 4.1.4
PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion.
network
low complexity
printeron CWE-20
6.5
2018-05-17 CVE-2018-10327 Insufficiently Protected Credentials vulnerability in Printeron 4.1.3
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding, which allows local users to obtain credentials for a domain user by reading the cps_config.xml file.
local
high complexity
printeron CWE-522
7.0
2018-05-17 CVE-2018-10326 Cross-site Scripting vulnerability in Printeron 4.1.3
PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration, (2) description field in the print server configuration, and (3) username field for authentication to print as guest.
network
low complexity
printeron CWE-79
5.4