15 matches found
EUVD-2024-44563
Malicious code in bioql PyPI...
EUVD-2024-44562
Malicious code in bioql PyPI...
CVE-2024-4995
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects Wapro ERP Desktop versions before 9.00.0...
CVE-2024-4996
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90....
CVE-2024-4996
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90....
CVE-2024-4995
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects Wapro ERP Desktop versions before 9.00.0...
CVE-2024-4996
CVE-2024-4996 affects Wapro ERP Desktop prior to 8.90.0. Root cause is a hard-coded database administrator password created during installation, allowing an attacker to retrieve embedded sensitive data. Described impact includes high confidentiality/integrity/availability concerns; CVSS scores in...
CVE-2024-4996 Hardcoded Password in Wapro ERP Desktop
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90....
CVE-2024-4996 Hardcoded Password in Wapro ERP Desktop
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90....
CVE-2024-4995 Protocol Downgrade in Wapro ERP Desktop
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects Wapro ERP Desktop versions before 9.00.0...
CVE-2024-4995 Protocol Downgrade in Wapro ERP Desktop
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects Wapro ERP Desktop versions before 9.00.0...
CVE-2024-4995
CVE-2024-4995 (Wapro ERP Desktop) is publicly described as a server-side MS SQL protocol downgrade vulnerability affecting Wapro ERP Desktop before 9.00.0. The issue enables unencrypted communication between components, which may allow data interception and modification. Public records do not spe...
PT-2024-33801
Name of the Vulnerable Software and Affected Versions: Wapro ERP Desktop versions prior to 8.90.0 Description: The issue involves the use of a hard-coded password for a database administrator account created during Wapro ERP installation. This allows an attacker to retrieve embedded sensitive dat...
PT-2024-33792
Name of the Vulnerable Software and Affected Versions: Wapro ERP Desktop versions prior to 9.00.0 Description: The issue affects Wapro ERP Desktop, where it is vulnerable to MS SQL protocol downgrade requests from the server side. This could lead to unencrypted communication, making it vulnerable...
Asseco Business Solutions Wapro ERP 安全漏洞
Asseco Business Solutions Wapro ERP is an enterprise-oriented ERP software from Asseco Business Solutions, Poland. A security vulnerability exists in Asseco Business Solutions Wapro ERP versions prior to 9.00.0, which stems from vulnerability to server-side MS SQL protocol downgrade requests, whi...