CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-3306 – IDOR in Utarit Information's SoliClub
https://notcve.org/view.php?id=CVE-2024-3306
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android. • https://www.usom.gov.tr/bildirim/tr-24-1457 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-3305 – Information Disclosure in Utarit Information's SoliClub
https://notcve.org/view.php?id=CVE-2024-3305
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android. • https://www.usom.gov.tr/bildirim/tr-24-1457 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6255 – Hardcoded Credentals in SoliClub Mobile App
https://notcve.org/view.php?id=CVE-2023-6255
Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App allows Read Sensitive Strings Within an Executable.This issue affects SoliPay Mobile App: before 5.0.8. El uso de vulnerabilidad de credenciales codificadas en la aplicación móvil SoliPay de Utarit Information Technologies permite leer cadenas confidenciales dentro de un ejecutable. Este problema afecta a SoliPay Mobile App: versiones anteriores a 5.0.8. • https://www.usom.gov.tr/bildirim/tr-24-0104 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5155 – SQLi in Utarit's Smart Deposit System
https://notcve.org/view.php?id=CVE-2023-5155
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Utarit Information Technologies SoliPay Mobile App allows SQL Injection.This issue affects SoliPay Mobile App: before 5.0.8. La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Utarit Information Technologies SoliPay Mobile App permite la inyección SQL. Este problema afecta a SoliPay Mobile App: versiones anteriores a 5.0.8. • https://www.usom.gov.tr/bildirim/tr-24-0104 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4993 – Sensetive Data Exposure in Utarit's Soliclub
https://notcve.org/view.php?id=CVE-2023-4993
Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by Users.This issue affects SoliPay Mobile App: before 5.0.8. Vulnerabilidad de gestión de privilegios inadecuada en la aplicación móvil SoliPay de Utarit Information Technologies permite recopilar datos proporcionados por los usuarios. Este problema afecta a la aplicación móvil SoliPay: versiones anteriores a 5.0.8. • https://www.usom.gov.tr/bildirim/tr-24-0104 • CWE-269: Improper Privilege Management CWE-648: Incorrect Use of Privileged APIs •