5 matches found
CVE-2020-28404
CVE-2020-28404 affects Star Practice Management Web (version 2019.2.0.6). The connected documents describe an improper authorization vulnerability that allows an unauthorized user to access the Billing page without the appropriate privileges, indicating an access-control error in the web applicat...
CVE-2020-28406
CVE-2020-28406 affects Star Practice Management Web version 2019.2.0.6, with an improper authorization flaw that lets an unauthorized user view details about jobs they should not access via the Audit Trail feature. The connected records confirm the same vulnerability description across multiple s...
CVE-2020-28405
CVE-2020-28405 concerns an improper authorization flaw in Star Practice Management Web version 2019.2.0.6. An unauthorized user can change privileges for any user, enabling self-authorization to the administrative role or removing all administrative accounts. The vulnerability is described consis...
CVE-2020-28402
CVE-2020-28402 affects Star Practice Management Web (v2019.2.0.6). The issue is an improper authorization that could allow an unauthorized user to access the Launcher Configuration Panel. Documented by multiple sources (NVD, Red Hat, CNVD and others) with no public exploitation details or fixes p...
CVE-2020-28401
CVE-2020-28401 affects Star Practice Management Web (version 2019.2.0.6). The cited entries describe an improper authorization vulnerability that allows an unauthorized user to access WIP details for jobs they should not see. The core issue is access control: an attacker can retrieve sensitive WI...