ReportizFlow
Filtered by vendor Ellevo
Subscriptions
Filtered by product Ellevo
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-46655 | 1 Ellevo | 1 Ellevo | 2024-10-02 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in Ellevo 6.2.0.38160 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload or URL. | ||||
| CVE-2024-42760 | 1 Ellevo | 1 Ellevo | 2024-09-12 | 7.5 High |
| SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive information via the /api/mob/instrucao/conta/destinatarios component. | ||||
| CVE-2024-42759 | 1 Ellevo | 1 Ellevo | 2024-09-10 | 6.3 Medium |
| An issue in Ellevo v.6.2.0.38160 allows a remote attacker to escalate privileges via the /api/usuario/cadastrodesuplente endpoint. | ||||
Page 1 of 1.