5 matches found
The vulnerability of the Apex-VUZ education automation system, related to the use of strictly encrypted user data, allows a perpetrator to gain full access to the software environment.
The vulnerability of the Apex-VUZ education automation system is related to the use of strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to gain full access to the software environment...
PT-2022-6297 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the use of hardcoded credentials in the Апекс-ВУЗ education automation system. Exploitation of this issue may allow a remote attacker to gain full access to the...
PT-2022-6293 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the password reset mechanism in the education automation system, which uses the SHA-1 encryption algorithm with insufficient strength. This could allow a remote...
PT-2022-6296 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to insufficient access control in the web interface of the Апекс-ВУЗ education automation system. Exploitation of this issue may allow a remote attacker to gain acces...
PT-2022-6300 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the transmission of data in open form through the LoginForm and RegisterForm in the Апекс-ВУЗ education automation system. This could allow a remote attacker to ga...