Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.7 views

PT-2026-24947

Use of a custom token encoding algorithm in Streamsoft Prestiż software allows the value of the KSeF Krajowy System e-Faktur token to be guessed after analyzing how tokens with know values are encoded. This issue was fixed in version 20.0.380.92...

6.3CVSS5.8AI score0.00249EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54324

Malicious code in bioql PyPI...

8.2CVSS6.3AI score0.00376EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54323

Malicious code in bioql PyPI...

8.6CVSS6.3AI score0.00398EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/30 1:32 p.m.15 views

CVE-2024-7407

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transforme...

8.2CVSS7.1AI score0.00376EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/30 1:32 p.m.16 views

CVE-2024-11504

Input from multiple fields in Streamsoft Prestiż is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker. This issue was fixed in 18.1.376.37 version of the software...

8.6CVSS8.1AI score0.00398EPSS
Exploits0References4
NVD
NVD
added 2025/03/28 1:15 p.m.9 views

CVE-2024-7407

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are...

8.2CVSS0.00376EPSS
Exploits0References2
NVD
NVD
added 2025/03/28 1:15 p.m.12 views

CVE-2024-11504

Input from multiple fields in Streamsoft Prestiż is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker. This issue was fixed in 18.1.376.37 version of the software...

8.6CVSS0.00398EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/28 12:54 p.m.9 views

CVE-2024-7407 Weak password encoding in Streamsoft Prestiż

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are...

8.2CVSS7AI score0.00376EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/28 12:54 p.m.15 views

CVE-2024-7407 Weak password encoding in Streamsoft Prestiż

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are...

8.2CVSS0.00376EPSS
Exploits0References2
CVE
CVE
added 2025/03/28 12:54 p.m.45 views

CVE-2024-7407

CVE-2024-7407 concerns Streamsoft Prestiż, where a custom password encoding algorithm allows decoding of stored passwords from encoded forms under observer-informed conditions. The vulnerable element is the password encoding/transform process in the application’s database storage. The impact, as ...

8.2CVSS7AI score0.00376EPSS
Exploits0References2
CVE
CVE
added 2025/03/28 12:54 p.m.45 views

CVE-2024-11504

CVE-2024-11504 affects Streamsoft Prestiż. Description shows an SQL injection due to improper sanitization of input from multiple fields, exploitable by an authenticated remote attacker. The vulnerability is rated high ( CVSS 4.0: base score 8.6; Network attack vector; low required privileges; no...

8.6CVSS8.1AI score0.00398EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/28 12:54 p.m.20 views

CVE-2024-11504 SQL Injection in Streamsoft Prestiż

Input from multiple fields in Streamsoft Prestiż is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker. This issue was fixed in 18.1.376.37 version of the software...

8.6CVSS0.00398EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/28 12:54 p.m.10 views

CVE-2024-11504 SQL Injection in Streamsoft Prestiż

Input from multiple fields in Streamsoft Prestiż is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker. This issue was fixed in 18.1.376.37 version of the software...

8.6CVSS8.1AI score0.00398EPSS
Exploits0References2
Rows per page
Query Builder