VYPR

arxes-tolina

by Microsoft

CVEs (2)

  • CVE-2019-19676CriMar 18, 2020
    risk 0.63cvss 9.6epss 0.01

    A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains…

  • CVE-2019-19677MedMar 18, 2020
    risk 0.28cvss 4.3epss 0.01

    arxes-tolina 3.0.0 allows User Enumeration.