Epicor Enterprise vulnerabilities
2 known vulnerabilities affecting epicor/epicor_enterprise.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-4311P4MEDIUMCVSS 5.0PoC≤ 7.42014-11-04
CVE-2014-4311 [MEDIUM] CWE-200 CVE-2014-4311: Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Conn
Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection and email settings page.
nvd
CVE-2014-4312P4MEDIUMCVSS 4.3PoC≤ 7.42014-10-10
CVE-2014-4312 [MEDIUM] CWE-79 CVE-2014-4312: Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL
Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to Order details; (2) Description section to "Order to consume"; (3) Favorites name section to Favorites; (4) FiltKeyword parameter to Procurement/EKPHTML/sear
nvd