Filtered by vendor Soplanning
Subscriptions
Filtered by product Soplanning
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-9573 | 1 Soplanning | 1 Soplanning | 2024-10-08 | 6.3 Medium |
| SQL injection vulnerability in SOPlanning <1.45, through /soplanning/www/groupe_list.php, in the by parameter, which could allow a remote user to send a specially crafted query and extract all the information stored on the server. | ||||
| CVE-2024-9572 | 1 Soplanning | 1 Soplanning | 2024-10-08 | 6.3 Medium |
| Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/groupe_save.php, in the groupe_id parameter. This could allow a remote user to send a specially crafted query to an authenticated user and steal their session details. | ||||
| CVE-2024-9571 | 1 Soplanning | 1 Soplanning | 2024-10-08 | 6.3 Medium |
| Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/xajax_server.php, affecting multiple parameters. This could allow a remote user to send a specially crafted query to an authenticated user and partially take control of their browser session. | ||||