RSS   Podatności dla 'Web stack'   RSS

2022-02-02
 
CVE-2021-42633

CWE-89
 

 
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.

 
 
CVE-2021-42637

CWE-918
 

 
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.

 
 
CVE-2021-42639

CWE-79
 

 
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.

 
 
CVE-2021-42640

CWE-668
 

 
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.

 
 
CVE-2021-42641

CWE-668
 

 
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.

 
 
CVE-2021-42642

CWE-312
 

 
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.

 

 >>> Vendor: Printerlogic 2 Produkty
Print management
Web stack


Copyright 2024, cxsecurity.com

 

Back to Top