VYPR

Crosschex Standard

by Anviz

CVEs (3)

  • CVE-2018-25135CriDec 24, 2025
    risk 0.64cvss 9.8epss 0.01

    Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro…

  • CVE-2026-40434HigApr 17, 2026
    risk 0.53cvss 8.1epss 0.00

    Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic.

  • CVE-2026-32650HigApr 17, 2026
    risk 0.49cvss 7.5epss 0.00

    Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access.