Vulnerabilities > Unisoon

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-27	CVE-2020-3936	SQL Injection vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command. network low complexity unisoon CWE-89	7.5
2020-03-27	CVE-2020-3921	Information Exposure vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management software stores user’s information in cleartext. network low complexity unisoon CWE-200	5.0
2020-03-27	CVE-2020-3920	Improper Authentication vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. network low complexity unisoon CWE-287	5.5

Vulnerabilities > Unisoon {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Unisoon"}]}