Vulnerabilities (CVE)

Filtered by vendor Cdsoft Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27247 1 Cdsoft 1 Winhotel.mx 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference.
CVE-2014-5737 1 Cdsoft 1 Cdsoft 2024-11-21 5.4 MEDIUM N/A
The CDsoft (aka com.wCDSOFT) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.