This page aggregates publicly disclosed CVE and security risk information related to cdsoft, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-27247 | onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference. | [email protected] | 5.3 | 0.20% | 2022-05-13 | 2024-11-21 |
| CVE-2014-5737 | The CDsoft (aka com.wCDSOFT) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | [email protected] | 5.4 | 0.10% | 2014-09-09 | 2026-05-06 |