cbcvebase.

Reputeinfosystems Arprice vulnerabilities

6 known vulnerabilities affecting reputeinfosystems/arprice.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-49655P2CRITICALCVSS 9.3≤ 4.1.32025-01-21
CVE-2024-49655 [CRITICAL] CWE-89 CVE-2024-49655: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARPrice arprice allows SQL Injection.This issue affects ARPrice: from n/a through <= 4.1.3.
nvd
CVE-2024-49688P3CRITICALCVSS 9.8≤ 4.1.32025-01-21
CVE-2024-49688 [CRITICAL] CWE-502 CVE-2024-49688: Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object I Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through <= 4.1.3.
nvd
CVE-2024-49699P3HIGHCVSS 8.8≤ 4.1.32025-01-21
CVE-2024-49699 [HIGH] CWE-502 CVE-2024-49699: Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object I Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through <= 4.1.3.
nvd
CVE-2024-49666P3HIGHCVSS 8.5≤ 4.1.32025-01-21
CVE-2024-49666 [HIGH] CWE-89 CVE-2024-49666: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARPrice arprice allows SQL Injection.This issue affects ARPrice: from n/a through <= 4.1.3.
nvd
CVE-2025-26731P4MEDIUMCVSS 6.5≤ 4.1.32025-03-27
CVE-2025-26731 [MEDIUM] CWE-79 CVE-2025-26731: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARPrice arprice allows Stored XSS.This issue affects ARPrice: from n/a through <= 4.1.3.
nvd
CVE-2024-49700P4HIGHCVSS 7.1≤ 4.1.32025-01-21
CVE-2024-49700 [HIGH] CWE-79 CVE-2024-49700: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARPrice arprice allows Reflected XSS.This issue affects ARPrice: from n/a through <= 4.1.3.
nvd
Reputeinfosystems Arprice vulnerabilities | cvebase