Logint: >> Lomag Warehouse Management Security Vulnerabilities
SQL Injection vulnerability in LOGINT LoMag Inventory Management v1.0.20.120 and before allows an attacker to execute arbitrary code via the ArticleGetGroups, DocAddDocument, ClassClickShop and frmSettings components.
CVSS Score
8.1
EPSS Score
0.002
Published
2024-05-01
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. By default, hard-coded passwords of 10 characters with little or no complexity are allowed.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-05-01
The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard-coded passwords by default for forms and SQL connections.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-05-01
An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-05-01