Every CVE whose affected-product data names Sergestec Exito, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-41018 — CVSS 9.8 (critical): SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through…
CVE-2025-41020 — CVSS 7.5 (high): Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This vulnerability allows an attacker to access data…
CVE-2025-41021 — CVSS 5.4 (medium): Stored Cross-Site Scripting (XSS) in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by…