Cadclick@1.11.0 Security Vulnerabilities and Issues — Cadclick@1.11.0 CVE List

Lucene search

4paceCadclick1.11.0

3 matches found

CVE•added 2024/10/04 6:15 p.m.•39 views

CVE-2024-41512

A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter.

8.8CVSS9.2AI score0.00348EPSS

CVE•added 2024/10/04 6:15 p.m.•37 views

CVE-2024-41513

A reflected cross-site scripting (XSS) vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter.

5.4CVSS5.9AI score0.00074EPSS

CVE•added 2024/10/04 6:15 p.m.•35 views

CVE-2024-41514

A reflected cross-site scripting (XSS) vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter.

5.4CVSS5.5AI score0.00074EPSS