Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2020/02/27 12:0 a.m.37 views

WiKID 2FA Enterprise Server SQL Injection (CVE-2019-16917; CVE-2019-17117; CVE-2019-17119)

An SQL injection vulnerability exists in WiKID 2FA Enterprise Server. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL commands against the database on the target server...

6.5CVSS3.6AI score0.02143EPSS
Exploits5
0day.today
0day.today
added 2019/10/22 12:0 a.m.106 views

WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF Vulnerabilities

WiKID Systems 2FA Enterprise Server version 4.2.0-b2032 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. WiKID Systems 2FA Enterprise Serverversion 4.2.0-b2032 and earlier was found to be vulnerable to multiple Cross-Site Scripting, SQLi, an...

6.8CVSS0.2AI score0.49955EPSS
Exploits10
Packet Storm
Packet Storm
added 2019/10/18 12:0 a.m.238 views

WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF

WiKID Systems 2FA Enterprise Serverversion 4.2.0-b2032 and earlier was found to be vulnerable to multiple Cross-Site Scripting, SQLi, and CSRF issues. searchDevices.jsp is vulnerable to SQL injection through the uid and domain parameters. The application uses Postgres which supports Stacked...

0.4AI score0.49955EPSS
Exploits10
OSV
OSV
added 2019/10/17 6:15 p.m.3 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

8.8CVSS7.3AI score0.02143EPSS
Exploits3References3
CVE
CVE
added 2019/10/17 5:42 p.m.56 views

CVE-2019-16917

WiKID Enterprise 2FA Enterprise Server (up to 4.2.0-b2047) is affected by an SQL injection in searchDevices.jsp. The uid and domain parameters are unsanitized and used in a SQL query built in buildSearchWhereClause, enabling arbitrary SQL execution as described by multiple sources. Public details...

8.8CVSS8.9AI score0.02143EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder