CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Datalex: Security Vulnerabilities

CVE-2015-2858

Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to (1) ValidateFormAction.do or (2) ProfileConfirmEditAddressAction.do.

CVSS Score

7.5

EPSS Score

0.003

Published

2015-10-02

CVE-2002-0933

Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks.

CVSS Score

7.5

EPSS Score

0.007

Published

2002-10-04

Page 1

Vulnerabilities

Vulnerable Software

Datalex: Security Vulnerabilities

Products

Pricing

Contact Us