Financials
by Jiwa
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-2718 | 0.00 | — | 0.02 | Jun 1, 2006 | JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt… | |||
| CVE-2006-2719 | 0.00 | — | 0.00 | Jun 1, 2006 | JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to… |
- CVE-2006-2718Jun 1, 2006risk 0.00cvss —epss 0.02
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt…
- CVE-2006-2719Jun 1, 2006risk 0.00cvss —epss 0.00
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to…