CVE-2022-38617 — CVSS 8.8 (high): SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at…
CVE-2022-38618 — CVSS 8.8 (high): SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88, UserForm:j_id90, and…
CVE-2018-15207 — CVSS 7.2 (high): BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately restrict access: a normal user is able to…
CVE-2022-35554 — CVSS 6.1 (medium): Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute…