Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Smeup Subscribe
Filtered by product Erp
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26758 1 Smeup 1 Erp 2023-03-03 N/A 7.5 HIGH
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService.
CVE-2023-26760 1 Smeup 1 Erp 2023-03-03 N/A 7.5 HIGH
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system.
CVE-2023-26759 1 Smeup 1 Erp 2023-03-03 N/A 8.8 HIGH
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component.
CVE-2023-26762 1 Smeup 1 Erp 2023-03-03 N/A 8.8 HIGH
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability.