Every CVE whose affected-product data names Orpak Siteomat, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2017-14728 — CVSS 9.8 (critical): An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the…
CVE-2017-14851 — CVSS 9.8 (critical): A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the…
CVE-2017-14854 — CVSS 9.1 (critical): A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects…
CVE-2017-14852 — CVSS 8.6 (high): An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL…
CVE-2017-14853 — CVSS 8.6 (high): The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a…
CVE-2017-14850 — CVSS 6.1 (medium): All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to…