computrols

Top products

The 10 most recently published vulnerabilities affecting computrols.

• CVE-2019-10847Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.8.8May 24, 2019
• CVE-2019-10848Computrols CBAS 18.0.0 allows Username Enumeration.5.3May 24, 2019
• CVE-2019-10846Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter.6.1May 23, 2019
• CVE-2019-10849Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure.7.5May 23, 2019
• CVE-2019-10850Computrols CBAS 18.0.0 has Default Credentials.9.8May 23, 2019
• CVE-2019-10851Computrols CBAS 18.0.0 has hard-coded encryption keys.6.5May 23, 2019
• CVE-2019-10852Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.8.8May 23, 2019
• CVE-2019-10853Computrols CBAS 18.0.0 allows Authentication Bypass.8.1May 23, 2019
• CVE-2019-10854Computrols CBAS 18.0.0 allows Authenticated Command Injection.8.8May 23, 2019
• CVE-2019-10855Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database.7.5May 23, 2019