Vulnerabilities > Subex

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-14	CVE-2020-9384	Authorization Bypass Through User-Controlled Key vulnerability in Subex ROC Partner Settlement 10.5 An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. network low complexity subex CWE-639	8.8
2014-12-02	CVE-2014-8728	SQL Injection vulnerability in Subex ROC Fraud Management System SQL injection vulnerability in the login page (login/login) in Subex ROC Fraud Management (aka Fraud Management System and FMS) 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ranger_user[name] parameter. network low complexity subex CWE-89	7.5

Vulnerabilities > Subex {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Subex"}]}