ReportizFlow
Filtered by vendor Easy Test Project
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-43438 | 1 Easy Test Project | 1 Easy Test | 2024-11-21 | 8.8 High |
| The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote attacker authenticated as a general user can exploit this vulnerability to bypass the intended access restrictions, to make API functions calls, manipulate system and terminate service. | ||||
| CVE-2022-43437 | 1 Easy Test Project | 1 Easy Test | 2024-11-21 | 8.8 High |
| The Download function’s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database. | ||||
| CVE-2022-43436 | 1 Easy Test Project | 1 Easy Test | 2024-11-21 | 8.8 High |
| The File Upload function of EasyTest has insufficient filtering for special characters and file type. A remote attacker authenticated as a general user can upload and execute arbitrary files, to manipulate system or disrupt service. | ||||
Page 1 of 1.