3 matches found
CVE-2024-42678
CVE-2024-42678 affects the product “Super easy enterprise management system” (versions 1.0.0 and earlier). The vulnerability is a Cross Site Scripting (XSS) flaw that enables a local attacker to execute arbitrary code by delivering a crafted script to the vulnerable component at “/WebSet/DlgGridS...
CVE-2024-42680
CVE-2024-42680 affects Super easy enterprise management system (v.1.0.0 and earlier). The vulnerability allows a local attacker to obtain the server’s absolute path by inputting a single quotation mark, indicating an information disclosure risk rooted in improper input handling. Publicly cited so...
CVE-2024-42679
CVE-2024-42679 affects Super easy enterprise management system v1.0.0 and earlier. The issue is a SQL Injection in the /ajax/Login.ashx component that can allow a local attacker to run arbitrary code. Root cause is unsanitized input leading to SQL injection. Impact is described as high (confident...