Vulnerabilities > Secom > DR ID Attendance System > 3.4.0.0.3.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-14 | CVE-2024-7732 | SQL Injection vulnerability in Secom Dr.Id Attendance System 3.3.0.320160517/3.4.0.0.3.11 Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
| 2022-04-07 | CVE-2022-26671 | Use of Hard-coded Credentials vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. | 7.3 |