Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-17386 | 1 Cellopoint | 1 Cellos | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system. | |||||
CVE-2020-17385 | 1 Cellopoint | 1 Cellos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | |||||
CVE-2020-17384 | 1 Cellopoint | 1 Cellos | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system. |