9 matches found
CVE-2019-15933
CVE-2019-15933 affects Intesync Solismed 3.3sp. Public records in multiple feeds describe a SQL injection vulnerability in the application (vulnerable component not explicitly enumerated beyond the product). The CVSS data provided indicates high to critical impact with network access and no authe...
CVE-2019-15932
CVE-2019-15932 affects Intesync Solismed 3.3sp with an improper access control vulnerability. Public sources in CNVD/Red Hat/NVD describe an access control error that could allow information disclosure and privilege elevation. The NVD CVSS metrics indicate high impact (C/I/A High) with network ac...
CVE-2019-15934
CVE-2019-15934 concerns a cross-site request forgery in Intesync Solismed 3.3sp. The connected sources confirm a CSRF issue in the Solismed web application, but do not provide concrete exploit details, affected versions beyond 3.3sp, or remediation steps. CVSS data from the initial record indicat...
CVE-2019-15936
The CVE-2019-15936 entry concerns Intesync Solismed 3.3sp, where an insecure file upload vulnerability is reported. Multiple connected sources (CNVD, RH Red Hat, PRION, NVD, CVE List) identify this issue and, in some entries, indicate potential for remote code execution due to arbitrary file uplo...
CVE-2019-16246
CVE-2019-16246 affects Intesync Solismed 3.3sp1 and is described in Red Hat as a Local File Inclusion (LFI) that leads to unauthenticated code execution. CNVD entries also document a Solismed file inclusion vulnerability. The connected sources confirm LFI as the vulnerability class and unauthenti...
CVE-2019-15935
Intesync Solismed 3.3sp is affected by a cross-site scripting (XSS) vulnerability (CVE-2019-15935). The issue is documented across multiple sources as an XSS in Solismed, with no explicit exploitation details provided in the connected documents. Public material notes the vulnerability but does no...
CVE-2019-17428
CVE-2019-17428 affects Intesync Solismed 3.3sp1. The issue is a flaw in the encryption implementation that allows all encrypted data in the database to be decrypted. The connected documents corroborate an encryption weakness; no exploit details or specific remediation are provided in the supplied...
CVE-2019-15931
CVE-2019-15931 affects Intesync Solismed 3.3sp and is described as a Directory Traversal vulnerability. The available connected documents identify the affected product and vulnerability class but do not provide a detailed root-cause beyond path-handling issues, nor a remediation. NVD metrics for ...
CVE-2019-15930
CVE-2019-15930: Intesync Solismed 3.3sp is affected by a clickjacking vulnerability. Multiple connected sources describe that an attacker could exploit this flaw to hijack user clicks and perform arbitrary actions on behalf of the user within Solismed. The Red Hat/CNVD/NVD entries corroborate the...