Simmeth Lieferantenmanager — known CVE vulnerabilities
Every CVE whose affected-product data names Simmeth Lieferantenmanager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-44015 — CVSS 9.8 (critical): An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can inject raw SQL queries. By activating MSSQL features, the…
CVE-2022-44013 — CVSS 9.1 (critical): An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can make various API calls without authentication because the…
CVE-2022-44016 — CVSS 7.5 (high): An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can download arbitrary files from the web server by abusing…
CVE-2022-44017 — CVSS 7.5 (high): An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session management, an attacker can log back into a…
CVE-2022-44014 — CVSS 6.5 (medium): An issue was discovered in Simmeth Lieferantenmanager before 5.6. In the design of the API, a user is inherently able to fetch arbitrary…
CVE-2022-44012 — CVSS 5.4 (medium): An issue was discovered in /DS/LM_API/api/SelectionService/InsertQueryWithActiveRelationsReturnId in Simmeth Lieferantenmanager before 5.6…