Filtered by vendor Cellopoint
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17385 | 1 Cellopoint | 1 Cellos | 2020-08-27 | 5.0 MEDIUM | 7.5 HIGH |
| Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | |||||
| CVE-2020-17384 | 1 Cellopoint | 1 Cellos | 2020-08-27 | 9.0 HIGH | 7.2 HIGH |
| Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system. | |||||
| CVE-2020-17386 | 1 Cellopoint | 1 Cellos | 2020-08-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system. | |||||