2 matches found
CVE-2024-51162
An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. Analyzing the offline client code, it was identified that it is possible for any user with any privilege of Audimex to dump the whole Audimex database. This gives visibility upon password hashes...
CVE-2024-30889
Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remote attacker to execute arbitrary code via the service, method, widgettype, requestid, payload parameters...