Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iris star practice management 2019.2.0.6 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-28403
A Cross-Site Request Forgery (CSRF) vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an malicious user to change the privileges of any user of the application. This can be used to grant himself administrative role or remove the administrative acco...
Iris Star 2019.2.0.6
8.8
CVSSv3
CVE-2020-28405
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be used to grant himself the administrative role or remove all administrative account...
Iris Star Practice Management 2019.2.0.6
8.8
CVSSv3
CVE-2020-28402
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.
Iris Star Practice Management 2019.2.0.6
6.5
CVSSv3
CVE-2020-28401
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access WIP details about jobs he should not have access to.
Iris Star Practice Management 2019.2.0.6
6.5
CVSSv3
CVE-2020-28404
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access the Billing page without the appropriate privileges.
Iris Star Practice Management 2019.2.0.6
6.5
CVSSv3
CVE-2020-28406
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audit Trail Feature.
Iris Star Practice Management 2019.2.0.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started