Vulnerabilities > Smartsoft

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-10	CVE-2023-37286	Use of Hard-coded Credentials vulnerability in Smartsoft Smartbpm.Net 6.70 SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. network low complexity smartsoft CWE-798 critical	9.8
2023-07-10	CVE-2023-37287	Use of Hard-coded Credentials vulnerability in Smartsoft Smartbpm.Net 6.70 SmartBPM.NET has a vulnerability of using hard-coded authentication key. network low complexity smartsoft CWE-798 critical	9.1
2023-07-10	CVE-2023-37288	Path Traversal vulnerability in Smartsoft Smartbpm.Net 6.70 SmartBPM.NET component has a vulnerability of path traversal within its file download function. network low complexity smartsoft CWE-22	7.5
2022-07-18	CVE-2022-1912	Cross-Site Request Forgery (CSRF) vulnerability in Smartsoft Button Widget Smartsoft 1.0.1 The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. network low complexity smartsoft CWE-352	8.8

Vulnerabilities > Smartsoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Smartsoft"}]}