Lucene search

K

UltraLog Express Security Vulnerabilities

cve
cve

CVE-2020-3921

UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific...

8.6CVSS

7.3AI Score

0.002EPSS

2020-03-27 04:15 AM
82
cve
cve

CVE-2020-3936

UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL...

10CVSS

9.5AI Score

0.002EPSS

2020-03-27 04:15 AM
81
cve
cve

CVE-2020-3920

UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. Any user can access the privileged page to manage accounts through specific system...

8.1CVSS

8AI Score

0.001EPSS

2020-03-27 04:15 AM
82