Vulnerabilities (CVE)

Filtered by vendor Smeup Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26762 1 Smeup 1 Erp 2024-11-21 N/A 8.8 HIGH
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability.
CVE-2023-26760 1 Smeup 1 Erp 2024-11-21 N/A 7.5 HIGH
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system.
CVE-2023-26759 1 Smeup 1 Erp 2024-11-21 N/A 8.8 HIGH
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component.
CVE-2023-26758 1 Smeup 1 Erp 2024-11-21 N/A 7.5 HIGH
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService.