Vulnerabilities > Unit4 > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-18 CVE-2022-27434 SQL Injection vulnerability in Unit4 Teta 29.5
UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page.
network
low complexity
unit4 CWE-89
critical
 9.8
9.8
2017-08-02 CVE-2015-1174 Session Fixation vulnerability in Unit4 Teta web
Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and earlier allows remote attackers to hijack web sessions via a session id.
network
low complexity
unit4 CWE-384
critical
 9.8
9.8