Vulnerabilities (CVE)

Filtered by vendor Bladex Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40788 1 Bladex 1 Springblade 2024-11-21 N/A 5.3 MEDIUM
SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs
CVE-2023-40787 1 Bladex 1 Springblade 2024-11-21 N/A 9.8 CRITICAL
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection.
CVE-2022-27360 1 Bladex 1 Springblade 2024-11-21 7.5 HIGH 9.8 CRITICAL
SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment.