VYPR
Vendor

Itodaro

Products
3
CVEs
6
Across products
6
Status
Private

Products

3

Recent CVEs

6
  • CVE-2019-11618CriApr 30, 2019
    risk 0.64cvss 9.8epss 0.02

    doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 access_token in a…

  • CVE-2020-20474HigJun 21, 2021
    risk 0.49cvss 7.5epss 0.02

    White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the default_task_edituser.php files failing to filter the csa_to_user parameter. Remote attackers can exploit the vulnerability to obtain database sensitive information.

  • CVE-2020-20473HigJun 21, 2021
    risk 0.49cvss 7.5epss 0.02

    White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the control_task.php, control_project.php, default_user.php files failing to filter the sort parameter. Remote attackers can exploit the vulnerability to obtain database sensitive…

  • CVE-2019-11614HigApr 30, 2019
    risk 0.49cvss 7.5epss 0.02

    doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information.

  • CVE-2019-11610HigApr 30, 2019
    risk 0.49cvss 7.5epss 0.04

    doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.

  • CVE-2020-20468MedJun 21, 2021
    risk 0.42cvss 6.5epss 0.01

    White Shark System (WSS) 1.3.2 is vulnerable to CSRF. Attackers can use the user_edit_password.php file to modify the user password.