VYPR
Vendor

Status

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2010-4659MedNov 20, 2019
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.

  • CVE-2023-25780MedJun 2, 2023
    risk 0.37cvss 5.7epss 0.00

    It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence.

  • CVE-2010-4658MedFeb 7, 2020
    risk 0.35cvss 5.3epss 0.01

    statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.

  • CVE-2013-4137Oct 11, 2013
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."

  • CVE-2011-3802Sep 24, 2011
    risk 0.00cvss epss 0.01

    StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files.