Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-14854 |
|
Buffer Overflow in orpak (CVE-2017-14854)
vulnerability in orpak (CVE-2017-14854). Data can be tampered with by attackers.
|
| CVE-2017-14728 |
|
Vulnerability in orpak (CVE-2017-14728)
vulnerability in orpak (CVE-2017-14728). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14850 |
|
Cross-Site Scripting (XSS) in orpak (CVE-2017-14850)
cross-site scripting in orpak (CVE-2017-14850). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14851 |
|
SQL Injection in sqli (CVE-2017-14851)
SQL injection in sqli (CVE-2017-14851). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14852 |
|
An insecure communication was found between a user and the Orpak SiteOmat management console for...
An insecure communication was found between a user and the Orpak SiteOmat management console for...
|
| CVE-2017-14853 |
|
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attac...
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device.
|