VYPR

TRMTracker

by Hitachi

CVEs (2)

  • CVE-2025-27631MedMar 25, 2025
    risk 0.42cvss 6.5epss 0.00

    The TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and execute remote commands that can read and update data on the website.

  • CVE-2025-27632MedMar 25, 2025
    risk 0.40cvss 6.1epss 0.00

    A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request to leverage multiple attack vectors, including defacing the site content through web-cache poisoning.