Vulnerabilities > Smartics

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-27	CVE-2022-2088	Unspecified vulnerability in Smartics 2.3.4.0 An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0. network low complexity smartics	4.9
2022-06-27	CVE-2022-2106	Path Traversal vulnerability in Smartics 2.3.4.0 Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files. network low complexity smartics CWE-22	2.7
2022-06-27	CVE-2022-2140	Cross-site Scripting vulnerability in Smartics 2.3.4.0 Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters. network low complexity smartics CWE-79 critical	9.0

Vulnerabilities > Smartics {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Smartics"}]}