Vulnerabilities > Techno Portfolio Management Panel Project > Techno Portfolio Management Panel > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2017-12-15	CVE-2017-17696	Information Exposure vulnerability in Techno - Portfolio Management Panel Project Techno - Portfolio Management Panel 1.0/20171116 Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php. network low complexity techno-portfolio-management-panel-project CWE-200	4.3
2017-12-15	CVE-2017-17695	SQL Injection vulnerability in Techno - Portfolio Management Panel Project Techno - Portfolio Management Panel 1.0/20171116 Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter. network low complexity techno-portfolio-management-panel-project CWE-89	8.8
2017-12-15	CVE-2017-17694	Cross-site Scripting vulnerability in Techno - Portfolio Management Panel Project Techno - Portfolio Management Panel 1.0/20171116 Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter. network low complexity techno-portfolio-management-panel-project CWE-79	5.4
2017-12-15	CVE-2017-17693	Missing Authorization vulnerability in Techno - Portfolio Management Panel Project Techno - Portfolio Management Panel 1.0/20171116 Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback. network low complexity techno-portfolio-management-panel-project CWE-862	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.