VYPR
Vendor

Horizon Business Services Inc.

Products
2
CVEs
11
Across products
11
Status
Private

Products

2

Recent CVEs

11
  • CVE-2024-38887CriAug 2, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary privileges.

  • CVE-2024-38889CriAug 2, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command.

  • CVE-2024-38886CriAug 2, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel.

  • CVE-2024-38882CriAug 2, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command.

  • CVE-2024-38883CriAug 2, 2024
    risk 0.59cvss 9.1epss 0.00

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation.

  • CVE-2024-38890HigAug 2, 2024
    risk 0.55cvss 8.4epss 0.00

    An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks.

  • CVE-2024-38884HigAug 2, 2024
    risk 0.51cvss 7.8epss 0.00

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard authentication mechanisms

  • CVE-2024-38891HigAug 2, 2024
    risk 0.49cvss 7.5epss 0.00

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.

  • CVE-2024-38885HigAug 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application.

  • CVE-2024-38881HigAug 2, 2024
    risk 0.49cvss 7.5epss 0.00

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords.

  • CVE-2024-38888MedAug 2, 2024
    risk 0.44cvss 6.8epss 0.00

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts.