VYPR
Vendor

Loway

Products
2
CVEs
6
Across products
8
Status
Private

Products

2

Recent CVEs

6
  • CVE-2020-13127HigSep 9, 2020
    risk 0.57cvss 8.8epss 0.01

    A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.04.1 allows remote authenticated attackers to execute arbitrary SQL commands via the TASKS_LIST__pt.querystring parameter.

  • CVE-2020-15947HigAug 13, 2020
    risk 0.57cvss 8.8epss 0.01

    A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do endpoint of Loway QueueMetrics before 19.10.21 allows remote authenticated users to execute arbitrary SQL commands via the exportId parameter.

  • CVE-2020-15925HigAug 13, 2020
    risk 0.57cvss 8.8epss 0.01

    A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter.

  • CVE-2024-42341MedSep 8, 2024
    risk 0.40cvss 6.1epss 0.00

    Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

  • CVE-2024-42343MedSep 8, 2024
    risk 0.34cvss 5.3epss 0.00

    Loway - CWE-204: Observable Response Discrepancy

  • CVE-2024-42342MedSep 8, 2024
    risk 0.28cvss 4.3epss 0.00

    Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')