80 matches found
PT-2024-28252 · Horizon Business Services Inc. · Caterease
Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing...
CVE-2024-38887
CVE-2024-38887 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663–24.0.1.2405. The issue allows a remote attacker to expand control over the operating system from the database by executing commands with unnecessary privileges. Impact is described as total compromise in the sour...
CVE-2024-38888
CVE-2024-38888 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405, where a flaw in restricting excessive authentication attempts enables a local attacker to perform a password brute force. The linked data records a CVSS v3.1 base score of 6.8 (Medium): Attac...
CVE-2024-38886
The CVE-2024-38886 entry concerns Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 (and possibly later versions). A remote attacker can perform a Traffic Injection attack due to improper verification of the source of a communication channel. The NVD/CNA records ra...
CVE-2024-38884
CVE-2024-38884 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663–24.0.1.2405 (and possibly later). The issue arises from improperly implemented security checks for standard authentication mechanisms, enabling a local attacker to perform an authentication bypass. The connected ...
CVE-2024-38891
CVE-2024-38891 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 (and potentially later). The issue enables a remote attacker to perform a sniffing network traffic attack due to cleartext transmission of sensitive information, with impact on confidentiality...
CVE-2024-38887
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary privileges...
Horizon Business Services Caterease 安全漏洞
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from an improper implementation of...
PT-2024-28263 · Horizon Business Services Inc. · Caterease
Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information...
CVE-2024-38889
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command...
CVE-2024-38883
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...
CVE-2024-38890
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks...
CVE-2024-38888
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts...
PT-2024-28257 · Horizon Business Services Inc. · Caterease
Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel. Thi...
CVE-2024-38891
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information...
Horizon Business Services Caterease 安全漏洞
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which originates from the cleartext transmission ...
PT-2024-28259 · Horizon Business Services Inc. · Caterease
Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. This...
CVE-2024-38885
CVE-2024-38885 affects Horizon Business Services Inc. Caterease (versions 16.0.1.1663–24.0.1.2405 and possibly later). The root cause is hardcoded SQL user credentials in the client application, enabling a remote attacker to perform unauthorized access using known operating system credentials ove...
PT-2024-28256 · Horizon Business Services Inc. · Caterease
Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in...
Horizon Business Services Caterease 安全漏洞
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from hard-coded SQL user credentials ...