Skip to main content

Siteomat

6 CVEs product

Monthly

CVE-2017-14854 CRITICAL Act Now

A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.4% and no vendor patch available.

Buffer Overflow RCE Siteomat
NVD VulDB
CVSS 3.1
9.1
EPSS
11.4%
CVE-2017-14853 HIGH This Week

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Siteomat
NVD VulDB
CVSS 3.1
8.6
EPSS
1.5%
CVE-2017-14852 HIGH This Week

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Siteomat
NVD VulDB
CVSS 3.1
8.6
EPSS
0.6%
CVE-2017-14851 CRITICAL Act Now

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Siteomat
NVD VulDB
CVSS 3.1
9.8
EPSS
4.8%
CVE-2017-14850 MEDIUM This Month

All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Siteomat
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2017-14728 CRITICAL Act Now

An authentication bypass was found in an unknown area of the SiteOmat source code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.2% and no vendor patch available.

Authentication Bypass Siteomat
NVD VulDB
CVSS 3.1
9.8
EPSS
10.2%
EPSS 11% CVSS 9.1
CRITICAL Act Now

A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.4% and no vendor patch available.

Buffer Overflow RCE Siteomat
NVD VulDB
EPSS 2% CVSS 8.6
HIGH This Week

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Siteomat
NVD VulDB
EPSS 1% CVSS 8.6
HIGH This Week

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Siteomat
NVD VulDB
EPSS 5% CVSS 9.8
CRITICAL Act Now

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Siteomat
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Siteomat
NVD VulDB
EPSS 10% CVSS 9.8
CRITICAL Act Now

An authentication bypass was found in an unknown area of the SiteOmat source code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.2% and no vendor patch available.

Authentication Bypass Siteomat
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy