Sergestec Exito

3 CVEs affecting Sergestec Exito. Latest disclosed: 2025-10-16. Critical: 1, High: 1.

Top CVEs affecting Sergestec Exito
CVESeverityScorePublishedSummary
CVE-2025-41018Critical9.82025-10-16SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'cat' parameter in…
CVE-2025-41020High7.52025-10-16Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This vulnerability allows an attacker to access data belonging to other custom…
CVE-2025-41021Medium5.42025-10-16Stored Cross-Site Scripting (XSS) in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST requ…