Vulnerabilities > Topmanage

DATE CVE VULNERABILITY TITLE RISK
2020-02-18 CVE-2020-6845 Cross-site Scripting vulnerability in Topmanage OLK Webstore 2020
An issue was discovered in TopManage OLK 2020.
network
topmanage CWE-79
4.3
2020-02-18 CVE-2020-6844 Cross-Site Request Forgery (CSRF) vulnerability in Topmanage OLK Webstore 2020
In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.
network
topmanage CWE-352
6.8
2010-07-12 CVE-2010-2686 SQL Injection vulnerability in Topmanage OLK Module 1.91.30
Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP allow remote attackers to execute arbitrary SQL commands via the (1) PriceFrom, (2) PriceTo, and (3) InvFrom parameters, as reachable from olk/c_p/searchCart.asp, and other unspecified vectors when performing an advanced search.
network
low complexity
topmanage CWE-89
7.5