VYPR

Vendor CVEs

Printerlogic

All CVEs

40 total · sorted by risk
  • CVE-2023-4835CriSep 15, 2023
    risk 0.64cvss 9.8epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CF Software Oil Management Software allows SQL Injection. This issue affects Oil Management Software: before 20230912 .

  • CVE-2017-20196MedJan 26, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2021-42949Sep 16, 2022
    risk 0.03cvss epss 0.06

    The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks.

  • CVE-2021-42638Feb 1, 2022
    risk 0.02cvss epss 0.06

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.

  • CVE-2021-42635Jan 31, 2022
    risk 0.02cvss epss 0.06

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.

  • CVE-2021-42631Jan 31, 2022
    risk 0.02cvss epss 0.06

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.

  • CVE-2025-34222Sep 29, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, and…

  • CVE-2025-34206Sep 19, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) mount host configuration and secret material under /var/www/efs_storage into many Docker containers with overly-permissive filesystem permissions. Files such as secrets.env,…

  • CVE-2025-27670Mar 5, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Signature Validation OVE-20230524-0014.

  • CVE-2025-27685Mar 5, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001.

  • CVE-2025-27667Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Administrative User Email Enumeration OVE-20230524-0011.

  • CVE-2025-27672Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows OAUTH Security Bypass OVE-20230524-0016.

  • CVE-2025-27666Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010.

  • CVE-2025-27651Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec V-2023-014.

  • CVE-2025-27671Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Device Impersonation OVE-20230524-0015.

  • CVE-2025-27673Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cookie Returned in Response Body OVE-20230524-0017.

  • CVE-2025-27669Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning (XSPA)/DoS OVE-20230524-0013.

  • CVE-2025-27682Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Insecure Log Permissions V-2022-005.

  • CVE-2025-27681Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004.

  • CVE-2025-27668Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Arbitrary Content Inclusion via Iframe OVE-20230524-0012.

  • CVE-2025-27680Mar 5, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442 allows Insecure Firmware Image with Insufficient Verification of Data Authenticity V-2024-004.

  • CVE-2025-27675Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004.

  • CVE-2025-27674Mar 5, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Hardcoded IdP Key V-2023-006.

  • CVE-2025-1159Feb 10, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. The attack can be launched…

  • CVE-2025-0849Jan 30, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack…

  • CVE-2025-0710Jan 24, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /notice-list of the component Notice Board Page. The manipulation of the argument Notice leads to cross site scripting. It is…

  • CVE-2025-0625Jan 22, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the…

  • CVE-2025-0581Jan 20, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible…

  • CVE-2025-0560Jan 18, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site…

  • CVE-2025-0559Jan 18, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to…

  • CVE-2021-42642Feb 2, 2022
    risk 0.00cvss epss 0.01

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.

  • CVE-2021-42641Feb 2, 2022
    risk 0.00cvss epss 0.02

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.

  • CVE-2021-42640Feb 2, 2022
    risk 0.00cvss epss 0.02

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.

  • CVE-2021-42639Feb 2, 2022
    risk 0.00cvss epss 0.01

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.

  • CVE-2021-42637Feb 2, 2022
    risk 0.00cvss epss 0.02

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.

  • CVE-2021-42633Feb 2, 2022
    risk 0.00cvss epss 0.02

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.

  • CVE-2020-6872Jul 20, 2020
    risk 0.00cvss epss 0.01

    The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects…

  • CVE-2018-5409May 8, 2019
    risk 0.00cvss epss 0.01

    The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing,…

  • CVE-2019-9505May 8, 2019
    risk 0.00cvss epss 0.03

    The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM…

  • CVE-2018-5408May 8, 2019
    risk 0.00cvss epss 0.01

    The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity…