Rtica Integria Ims vulnerabilities
3 known vulnerabilities affecting rtica/integria_ims.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-3832P2CRITICALCVSS 9.8v5.0.922021-10-07
CVE-2021-3832 [CRITICAL] CWE-434 CVE-2021-3832: Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uplo
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. An unauthenticated attacker could abuse the AsyncUpload() function in order to exploit the vulnerability.
nvd
CVE-2021-3833P3CRITICALCVSS 9.8v5.0.922021-10-07
CVE-2021-3833 [CRITICAL] CWE-697 CVE-2021-3833: Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password prov
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. An attacker with a specific formatted password could exploit this vulnerability in order to login in the system with different passwords.
nvd
CVE-2021-3834P4MEDIUMCVSS 6.1v5.0.922021-10-07
CVE-2021-3834 [MEDIUM] CWE-79 CVE-2021-3834: Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php fi
Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. An attacker could exploit this vulnerability in order to perform a cross-site scripting attack (XSS).
nvd