Secom Dr.id_attendance_system
5 CVEs affecting Secom Dr.id_attendance_system. Latest disclosed: 2024-08-14. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-7732 | Critical | 9.8 | 2024-08-14 | Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands t… |
CVE-2020-3934 | Critical | 9.8 | 2020-02-11 | TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attacker… |
CVE-2020-3935 | High | 7.5 | 2020-02-11 | TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges… |
CVE-2022-26671 | High | 7.3 | 2022-04-07 | Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded… |
CVE-2020-3933 | Medium | 5.3 | 2020-02-11 | TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system. |