Vulnerabilities > Secom
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-14 | CVE-2024-7731 | SQL Injection vulnerability in Secom Dr.Id Access Control 3.3.2 Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
2024-08-14 | CVE-2024-7732 | SQL Injection vulnerability in Secom Dr.Id Attendance System 3.3.0.320160517/3.4.0.0.3.11 Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
2022-04-07 | CVE-2022-26671 | Use of Hard-coded Credentials vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. | 7.3 |
2020-02-11 | CVE-2020-3935 | Cleartext Storage of Sensitive Information vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers. | 7.5 |
2020-02-11 | CVE-2020-3934 | SQL Injection vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command. | 9.8 |
2020-02-11 | CVE-2020-3933 | Unspecified vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system. | 5.3 |