CVE-2023-5457

< 1.0.7-2

A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web applicati

7.5HIGH

CVE-2023-45600

< 1.0.7-2

A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the session cookie “sessionid” la

5.6MEDIUM

CVE-2023-45599

< 1.0.7-2

A CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality o

5.5MEDIUM

CVE-2023-45598

< 1.0.7-2

A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows

5.3MEDIUM

CVE-2023-45597

< 1.0.7-2

A CWE-1236 “Improper Neutralization of Formula Elements in a CSV File” vulnerability in the “file_configuration” functiona

5.9MEDIUM

CVE-2023-45596

< 1.0.7-2

A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “file_configuration” functionality of the web applicat

5.3MEDIUM

CVE-2023-45595

< 1.0.7-2

A CWE-434 “Unrestricted Upload of File with Dangerous Type” vulnerability in the “file_configuration” functionality of the

5.9MEDIUM

CVE-2023-45594

< 1.0.7-2

A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded Chromium browser allows a physic

6.8MEDIUM

CVE-2023-45593

< 1.0.7-2

A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of al

6.8MEDIUM

CVE-2023-45592

< 1.0.7-2

A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser (due to the binary being exec

6.8MEDIUM

CVE-2023-45591

< 1.0.7-2

A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a

7.5HIGH

CVE-2023-5456

< 1.0.7-2

A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web application allows a remote unauthe

8.1HIGH