VYPR
Vendor

CIGESv2

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-2723CriMar 22, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query.

  • CVE-2024-2722CriMar 22, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in the CIGESv2 system, through /ajaxConfigTotem.php, in the 'id' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query.

  • CVE-2024-2726MedMar 22, 2024
    risk 0.40cvss 6.1epss 0.00

    Stored Cross-Site Scripting (Stored-XSS) vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration.