Lucene search

K

Bpcbt Security Vulnerabilities

cve
cve

CVE-2022-38619

SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at...

9.8CVSS

9.8AI Score

0.002EPSS

2022-09-21 12:15 AM
37
7
cve
cve

CVE-2022-38618

SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at...

8.8CVSS

8.9AI Score

0.002EPSS

2022-09-19 04:15 PM
25
5
cve
cve

CVE-2022-38617

SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at...

8.8CVSS

8.9AI Score

0.001EPSS

2022-09-19 01:15 PM
24
4
cve
cve

CVE-2022-38616

SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at...

8.8CVSS

8.9AI Score

0.002EPSS

2022-09-13 12:15 PM
27
6
cve
cve

CVE-2022-38614

An issue in the IGB Files and OutfileService features of SmartVista Cardgen v3.28.0 allows attackers to list and download arbitrary files via modifying the PATH...

7.5CVSS

7.5AI Score

0.002EPSS

2022-09-09 05:15 PM
32
7
cve
cve

CVE-2022-38615

SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at...

8.8CVSS

9.2AI Score

0.001EPSS

2022-09-09 05:15 PM
28
4
cve
cve

CVE-2022-38613

A Path Traversal vulnerability in SmartVista Cardgen v3.28.0 allows authenticated attackers to read arbitrary files in the...

6.5CVSS

6.2AI Score

0.002EPSS

2022-09-09 04:15 PM
26
4
cve
cve

CVE-2022-35554

Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute javascript code at client...

6.1CVSS

6.3AI Score

0.001EPSS

2022-08-19 11:15 PM
39
4
cve
cve

CVE-2018-15207

BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately restrict access: a normal user is able to access the SVFE2/pages/finadmin/currconvrate/currconvrate.jsf functionality that should be only accessible to an...

7.2CVSS

6.8AI Score

0.001EPSS

2019-04-30 07:29 PM
28
cve
cve

CVE-2018-15206

BPC SmartVista 2 has CSRF via...

8.8CVSS

8.7AI Score

0.001EPSS

2019-04-30 07:29 PM
26
cve
cve

CVE-2018-15208

BPC SmartVista 2 has Session Fixation via the JSESSIONID...

7.5CVSS

7.5AI Score

0.002EPSS

2019-04-30 07:29 PM
18