Printerlogic
Products
5- 15 CVEs
- 14 CVEs
- 9 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
40| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4835 | Cri | 0.64 | 9.8 | 0.01 | Sep 15, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CF Software Oil Management Software allows SQL Injection. This issue affects Oil Management Software: before 20230912 . | ||
| CVE-2017-20196 | Med | 0.41 | 6.3 | 0.00 | Jan 26, 2025 | A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely.… | ||
| CVE-2021-42949 | 0.03 | — | 0.06 | Sep 16, 2022 | The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks. | |||
| CVE-2021-42638 | 0.02 | — | 0.06 | Feb 1, 2022 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution. | |||
| CVE-2021-42635 | 0.02 | — | 0.06 | Jan 31, 2022 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution. | |||
| CVE-2021-42631 | 0.02 | — | 0.06 | Jan 31, 2022 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution. | |||
| CVE-2025-34222 | 0.00 | — | 0.00 | Sep 29, 2025 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, and… | |||
| CVE-2025-34206 | 0.00 | — | 0.00 | Sep 19, 2025 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) mount host configuration and secret material under /var/www/efs_storage into many Docker containers with overly-permissive filesystem permissions. Files such as secrets.env,… | |||
| CVE-2025-27680 | 0.00 | — | 0.00 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442 allows Insecure Firmware Image with Insufficient Verification of Data Authenticity V-2024-004. | |||
| CVE-2025-27651 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec V-2023-014. | |||
| CVE-2025-27666 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010. | |||
| CVE-2025-27673 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cookie Returned in Response Body OVE-20230524-0017. | |||
| CVE-2025-27670 | 0.00 | — | 0.00 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Signature Validation OVE-20230524-0014. | |||
| CVE-2025-27681 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004. | |||
| CVE-2025-27685 | 0.00 | — | 0.00 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001. | |||
| CVE-2025-27667 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Administrative User Email Enumeration OVE-20230524-0011. | |||
| CVE-2025-27668 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Arbitrary Content Inclusion via Iframe OVE-20230524-0012. | |||
| CVE-2025-27669 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning (XSPA)/DoS OVE-20230524-0013. | |||
| CVE-2025-27671 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Device Impersonation OVE-20230524-0015. | |||
| CVE-2025-27675 | 0.00 | — | 0.01 | Mar 5, 2025 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004. |
- risk 0.64cvss 9.8epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CF Software Oil Management Software allows SQL Injection. This issue affects Oil Management Software: before 20230912 .
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely.…
- CVE-2021-42949Sep 16, 2022risk 0.03cvss —epss 0.06
The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks.
- CVE-2021-42638Feb 1, 2022risk 0.02cvss —epss 0.06
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
- CVE-2021-42635Jan 31, 2022risk 0.02cvss —epss 0.06
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.
- CVE-2021-42631Jan 31, 2022risk 0.02cvss —epss 0.06
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
- CVE-2025-34222Sep 29, 2025risk 0.00cvss —epss 0.00
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, and…
- CVE-2025-34206Sep 19, 2025risk 0.00cvss —epss 0.00
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) mount host configuration and secret material under /var/www/efs_storage into many Docker containers with overly-permissive filesystem permissions. Files such as secrets.env,…
- CVE-2025-27680Mar 5, 2025risk 0.00cvss —epss 0.00
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442 allows Insecure Firmware Image with Insufficient Verification of Data Authenticity V-2024-004.
- CVE-2025-27651Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec V-2023-014.
- CVE-2025-27666Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010.
- CVE-2025-27673Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cookie Returned in Response Body OVE-20230524-0017.
- CVE-2025-27670Mar 5, 2025risk 0.00cvss —epss 0.00
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Signature Validation OVE-20230524-0014.
- CVE-2025-27681Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004.
- CVE-2025-27685Mar 5, 2025risk 0.00cvss —epss 0.00
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001.
- CVE-2025-27667Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Administrative User Email Enumeration OVE-20230524-0011.
- CVE-2025-27668Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Arbitrary Content Inclusion via Iframe OVE-20230524-0012.
- CVE-2025-27669Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning (XSPA)/DoS OVE-20230524-0013.
- CVE-2025-27671Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Device Impersonation OVE-20230524-0015.
- CVE-2025-27675Mar 5, 2025risk 0.00cvss —epss 0.01
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004.