Datalex CVE - CVE Search - CVE Details

Filtered by vendor Datalex Subscribe

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-2858	1 Datalex	1 Airline Booking Software	2015-10-02	7.5 HIGH	N/A
Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to (1) ValidateFormAction.do or (2) ProfileConfirmEditAddressAction.do.
CVE-2002-0933	1 Datalex	1 Bookit Consumer	2008-09-05	7.5 HIGH	N/A
Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks.

Vulnerabilities (CVE)