| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-14851 | 7.5 |
A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypas
|
04-06-2019 - 19:48 | 03-06-2019 - 19:29 | |
| CVE-2017-14850 | 4.3 |
All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. An attacker with access to the web interface is able to hijack sessions
|
04-06-2019 - 19:47 | 03-06-2019 - 19:29 | |
| CVE-2017-14853 | 10.0 |
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive vali
|
04-06-2019 - 19:17 | 03-06-2019 - 19:29 |