Filtered by vendor Prolion
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36654 | 1 Prolion | 1 Cryptospike | 2023-12-13 | N/A | 6.5 MEDIUM |
| Directory traversal in the log-download REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to download host server SSH private keys (associated with a Linux root user) by injecting paths inside REST API endpoint parameters. | |||||
| CVE-2023-36652 | 1 Prolion | 1 Cryptospike | 2023-12-13 | N/A | 4.3 MEDIUM |
| A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter. | |||||