Vendor

Talya Informatics

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2024-1107	Talya Informatics Travel Apps	Cri	0.64	9.8	Jun 27, 2024	Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68.
CVE-2024-0949	Talya Informatics Elektraweb	Cri	0.64	9.8	Jun 27, 2024	Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass. This issue affects Elektraweb: before v17.0.68.
CVE-2024-0947	Talya Informatics Elektraweb	Cri	0.64	9.8	Jun 27, 2024	Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue…
CVE-2024-1153	Talya Informatics Travel Apps	Med	0.30	4.6	Jun 27, 2024	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68.

CVE-2024-1107CriJun 27, 2024
Talya Informatics
Travel Apps
risk 0.64cvss 9.8epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68.
CVE-2024-0949CriJun 27, 2024
Talya Informatics
Elektraweb
risk 0.64cvss 9.8epss 0.00
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass. This issue affects Elektraweb: before v17.0.68.
CVE-2024-0947CriJun 27, 2024
Talya Informatics
Elektraweb
risk 0.64cvss 9.8epss 0.00
Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue…
CVE-2024-1153MedJun 27, 2024
Talya Informatics
Travel Apps
risk 0.30cvss 4.6epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68.