ReportizFlow
Filtered by vendor Computrols
Subscriptions
Filtered by product Computrols Building Automation Software
Subscriptions
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10855 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database. | ||||
| CVE-2019-10854 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 allows Authenticated Command Injection. | ||||
| CVE-2019-10853 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 allows Authentication Bypass. | ||||
| CVE-2019-10852 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. | ||||
| CVE-2019-10851 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 has hard-coded encryption keys. | ||||
| CVE-2019-10850 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 has Default Credentials. | ||||
| CVE-2019-10849 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. | ||||
| CVE-2019-10848 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 allows Username Enumeration. | ||||
| CVE-2019-10847 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | N/A |
| Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. | ||||
Page 1 of 1.