Vulnerabilities > Unisoon

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-27	CVE-2020-3936	SQL Injection vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command. network low complexity unisoon CWE-89 critical	9.8
2020-03-27	CVE-2020-3921	Cleartext Storage of Sensitive Information vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management software stores user’s information in cleartext. network low complexity unisoon CWE-312	7.5
2020-03-27	CVE-2020-3920	Missing Authentication for Critical Function vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. network low complexity unisoon CWE-306	8.1

Vulnerabilities > Unisoon {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Unisoon"}]}