Vulnerabilities > Secomea
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-04 | CVE-2022-25781 | Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session. | 4.3 |
| 2022-05-04 | CVE-2022-25782 | Improper Privilege Management vulnerability in Secomea products Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. | 5.5 |
| 2022-05-04 | CVE-2022-25783 | Unspecified vulnerability in Secomea products Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. | 4.0 |
| 2022-05-04 | CVE-2022-25784 | Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. | 3.5 |
| 2022-05-04 | CVE-2022-25785 | Out-of-bounds Write vulnerability in Secomea products Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. | 6.5 |
| 2022-05-04 | CVE-2022-25787 | Information Exposure vulnerability in Secomea products Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. | 4.6 |
| 2022-03-11 | CVE-2021-32009 | Cross-site Scripting vulnerability in Secomea Gatemanager Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. | 4.3 |
| 2022-03-10 | CVE-2021-32005 | Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. | 3.5 |
| 2022-03-10 | CVE-2021-32006 | Incorrect Default Permissions vulnerability in Secomea Gatemanager This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | 4.0 |
| 2022-03-04 | CVE-2021-32008 | Path Traversal vulnerability in Secomea Gatemanager This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | 8.5 |