Vulnerabilities > Wikidsystems > TWO Factor Authentication Enterprise Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-17 | CVE-2019-17119 | SQL Injection vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter. | 6.5 |
| 2019-10-17 | CVE-2019-17116 | Cross-site Scripting vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. | 4.3 |
| 2019-10-17 | CVE-2019-17115 | Cross-site Scripting vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML that is triggered when Logs.jsp is visited. | 4.3 |
| 2019-10-17 | CVE-2019-17114 | Cross-site Scripting vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. | 4.3 |
| 2019-10-17 | CVE-2019-16917 | SQL Injection vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. | 6.5 |