Filtered by vendor Celk
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-55199 | 1 Celk | 1 Celk Saude | 2025-06-23 | 5.4 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser. | ||||
| CVE-2024-48761 | 1 Celk | 1 Celk Saude | 2025-05-23 | 8.8 High |
| Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter. | ||||
| CVE-2024-51182 | 1 Celk | 1 Celk Saude | 2025-05-23 | 6.1 Medium |
| HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter. | ||||
| CVE-2024-55198 | 1 Celk | 1 Celk Saude | 2025-04-03 | 5.3 Medium |
| User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses. | ||||
Page 1 of 1.