Filtered by vendor Sunbirddcim
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37776 | 1 Sunbirddcim | 1 Dctrack | 2025-06-20 | N/A | 4.8 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Sunbird DCIM dcTrack v9.1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in some admin screens. | |||||
| CVE-2024-37775 | 1 Sunbirddcim | 1 Dctrack | 2025-06-20 | N/A | 7.5 HIGH |
| Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a ticket with a location which bypasses an RBAC check. | |||||
| CVE-2024-37774 | 1 Sunbirddcim | 1 Dctrack | 2025-06-20 | N/A | 8.0 HIGH |
| A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some admin screens. | |||||
| CVE-2024-37773 | 1 Sunbirddcim | 1 Dctrack | 2025-06-20 | N/A | 4.8 MEDIUM |
| An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as administrators to inject arbitrary HTML code in an admin screen. | |||||