Oceanicsoft Valeapp
5 CVEs affecting Oceanicsoft Valeapp. Latest disclosed: 2024-09-27. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-8643 | Critical | 9.8 | 2024-09-27 | Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking. This issue affects ValeApp: before v2.0.0. |
CVE-2024-8607 | Critical | 9.8 | 2024-09-27 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection. This issu… |
CVE-2024-8644 | High | 7.5 | 2024-09-27 | Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript… |
CVE-2024-8609 | High | 7.5 | 2024-09-27 | Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information. This issue affects ValeApp: be… |
CVE-2024-8608 | Medium | 5.4 | 2024-09-27 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS. This… |