Vulnerabilities > Wolterskluwer > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-25 | CVE-2023-49328 | Injection vulnerability in Wolterskluwer B.Point 23.70.00 On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module. | 7.2 |
| 2022-06-06 | CVE-2021-41932 | SQL Injection vulnerability in Wolterskluwer Teammate+ Audit 28.0.19.0 A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc. | 8.8 |
| 2021-12-17 | CVE-2021-44035 | Unspecified vulnerability in Wolterskluwer Teammate Audit Management 12.4 Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files. | 7.8 |