Vendor
DESCOR
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26853 | Cri | 0.65 | 10.0 | 0.00 | Mar 20, 2025 | DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema. | ||
| CVE-2025-26852 | Cri | 0.65 | 10.0 | 0.00 | Mar 20, 2025 | DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection. | ||
| CVE-2018-13789 | Hig | 0.49 | 7.5 | 0.01 | Oct 10, 2018 | An issue was discovered in Descor Infocad FM before 3.1.0.0. An unauthenticated web service allows the retrieval of files on the web server and on reachable SMB servers. |
- risk 0.65cvss 10.0epss 0.00
DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema.
- risk 0.65cvss 10.0epss 0.00
DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Descor Infocad FM before 3.1.0.0. An unauthenticated web service allows the retrieval of files on the web server and on reachable SMB servers.