Vulnerabilities (CVE)

Filtered by vendor Sertek Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13448 1 Sertek 1 Xpare 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload to send to the product's clients.
CVE-2019-13447 1 Sertek 1 Xpare 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.