RSS   Vulnerabilities for 'Xpare'   RSS

2019-07-17
 
CVE-2019-13448

CWE-79
 

 
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload to send to the product's clients.

 
 
CVE-2019-13447

CWE-89
 

 
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.

 


Copyright 2024, cxsecurity.com

 

Back to Top