2 matches found
WiKID Systems 2FA Enterprise Server SQL Injection Vulnerability
WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A SQL injection vulnerability exists in the processPref.jsp file in WiKID 2FA Enterprise Server 4.2.0-b2053 and prior versions. The vulnerability stems from a database-based application that lacks...
CVE-2019-17118
A CSRF issue in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows a remote attacker to trick an authenticated user into performing unintended actions such as 1 create or delete admin users; 2 create or delete groups; or 3 create, delete, enable, or disable normal users or devices...