Skip to main content

2Fa Enterprise Server

3 CVEs product

Monthly

CVE-2019-17120 MEDIUM POC THREAT This Month

A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 2Fa Enterprise Server
NVD
CVSS 3.1
6.1
EPSS
50.0%
CVE-2019-17118 HIGH POC This Week

A CSRF issue in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows a remote attacker to trick an authenticated user into performing unintended actions such as (1) create or delete admin users;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF 2Fa Enterprise Server
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2019-17117 HIGH POC This Week

A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi 2Fa Enterprise Server
NVD
CVSS 3.1
8.8
EPSS
1.7%
EPSS 50% CVSS 6.1
MEDIUM POC THREAT This Month

A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 2Fa Enterprise Server
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

A CSRF issue in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows a remote attacker to trick an authenticated user into performing unintended actions such as (1) create or delete admin users;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF 2Fa Enterprise Server
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi 2Fa Enterprise Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy