VYPR

INFOCAD

by DESCOR

CVEs (3)

  • CVE-2025-26853CriMar 20, 2025
    risk 0.65cvss 10.0epss 0.00

    DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema.

  • CVE-2025-26852CriMar 20, 2025
    risk 0.65cvss 10.0epss 0.00

    DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection.

  • CVE-2018-13789HigOct 10, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Descor Infocad FM before 3.1.0.0. An unauthenticated web service allows the retrieval of files on the web server and on reachable SMB servers.