VYPR

IDExpert

by Changing Inc.

CVEs (3)

  • CVE-2024-10653HigNov 1, 2024
    risk 0.47cvss 7.2epss 0.01

    IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrative privileges to inject and execute OS commands on the server.

  • CVE-2024-10652MedNov 1, 2024
    risk 0.40cvss 6.1epss 0.00

    IDExpert from CHANGING Information Technology does not properly validate a parameter for a specific functionality, allowing unauthenticated remote attackers to inject JavsScript code and perform Reflected Cross-site scripting attacks.

  • CVE-2024-10651MedNov 1, 2024
    risk 0.32cvss 4.9epss 0.01

    IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files.