Vulnerabilities > Softexpert

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-33515 Cross-site Scripting vulnerability in Softexpert Excellence Suite 2.1.9
SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting (XSS) via query screens.
network
low complexity
softexpert CWE-79
5.4
2023-05-12 CVE-2023-30330 Unspecified vulnerability in Softexpert Excellence Suite 2.0/2.0.15.115/2.0.15.31
SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defaultframe/2.0/defaultframe_filter.php.
network
low complexity
softexpert
critical
9.8
2018-07-09 CVE-2018-12977 SQL Injection vulnerability in Softexpert Excellence Suite 2.0
A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section.
network
low complexity
softexpert CWE-89
8.8