Orpak Siteomat

6 CVEs affecting Orpak Siteomat. Latest disclosed: 2019-06-03. Critical: 3, High: 2.

Top CVEs affecting Orpak Siteomat
CVESeverityScorePublishedSummary
CVE-2017-14851Critical9.82019-06-03A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication valid…
CVE-2017-14728Critical9.82019-06-03An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the submission of this expl…
CVE-2017-14854Critical9.12019-06-03A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to…
CVE-2017-14853High8.62019-06-03The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command…
CVE-2017-14852High8.62019-06-03An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The att…
CVE-2017-14850Medium6.12019-06-03All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external use…