CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-49706

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.4%

CVSS Severity

CVSS v3 Score 6.1

References

https://cert.pl/en/posts/2025/04/CVE-2024-10087
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html

Products affected by CVE-2024-49706

Softcom.wroc » Iksoris » Version: N/A

cpe:2.3:a:softcom.wroc:iksoris:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-49706

Products

Pricing

Contact Us