VYPR
Vendor

Celk Sistemas

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2024-48761HigJan 29, 2025
    risk 0.57cvss 8.8epss 0.01

    Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter.

  • CVE-2024-51182MedJan 29, 2025
    risk 0.40cvss 6.1epss 0.00

    HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter.

  • CVE-2024-55199MedMar 10, 2025
    risk 0.35cvss 5.4epss 0.00

    A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser.

  • CVE-2024-55198MedMar 13, 2025
    risk 0.34cvss 5.3epss 0.00

    User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses.