Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Topmanage Security Vulnerabilities

cve
cve

CVE-2010-2686

Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP allow remote attackers to execute arbitrary SQL commands via the (1) PriceFrom, (2) PriceTo, and (3) InvFrom parameters, as reachable from olk/c_p/searchCart.asp, and other unspecified vectors when pe...

8.7AI Score

0.001EPSS

2010-07-12 01:27 PM
20
cve
cve

CVE-2020-6844

In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.

8.8CVSS

8.5AI Score

0.004EPSS

2020-02-18 03:15 PM
24
cve
cve

CVE-2020-6845

An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack.

6.1CVSS

5.9AI Score

0.003EPSS

2020-02-18 03:15 PM
27