Vulnerabilities (CVE)

Filtered by vendor Globalnorthstar Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-29395	1 Globalnorthstar	1 Northstar Club Management	2022-02-08	5.0 MEDIUM	7.5 HIGH
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application.
CVE-2021-29397	1 Globalnorthstar	1 Northstar Club Management	2022-02-08	5.0 MEDIUM	7.5 HIGH
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP.