VYPR
Vendor

Chatopera

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2019-6503CriJan 22, 2019
    risk 0.64cvss 9.8epss 0.02

    There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute commands during server-side deserialization by uploading maliciously constructed files. This is related to the TemplateController.java impsave method and the MainUtils toObject method.

  • CVE-2022-36521HigAug 26, 2022
    risk 0.49cvss 7.5epss 0.01

    Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts.