Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ComputrolsComputrols Building Automation Software*

9 matches found

CVE
CVEadded 2019/05/23 8:29 p.m.102 views

CVE-2019-10849

Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure.

7.5CVSS7.4AI score0.1213EPSS
CVE
CVEadded 2019/05/24 5:29 p.m.73 views

CVE-2019-10847

Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.

8.8CVSS8.6AI score0.0047EPSS
CVE
CVEadded 2019/05/23 7:29 p.m.68 views

CVE-2019-10853

Computrols CBAS 18.0.0 allows Authentication Bypass.

8.3CVSS8.4AI score0.00414EPSS
CVE
CVEadded 2019/05/24 5:29 p.m.61 views

CVE-2019-10848

Computrols CBAS 18.0.0 allows Username Enumeration.

5.3CVSS5.2AI score0.05234EPSS
CVE
CVEadded 2019/05/23 7:29 p.m.55 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection.

9CVSS8.7AI score0.13639EPSS
CVE
CVEadded 2019/05/23 8:29 p.m.39 views

CVE-2019-10850

Computrols CBAS 18.0.0 has Default Credentials.

10CVSS9.4AI score0.00393EPSS
CVE
CVEadded 2019/05/23 7:29 p.m.37 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys.

6.5CVSS6.5AI score0.0012EPSS
CVE
CVEadded 2019/05/23 7:29 p.m.34 views

CVE-2019-10855

Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database.

7.5CVSS7.5AI score0.00148EPSS
CVE
CVEadded 2019/05/23 7:29 p.m.33 views

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.

8.8CVSS9.1AI score0.0049EPSS