Aggregates CVE and security vulnerability intelligence across all marmotech-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk sql injection; exposure may include vendor impact data exposure in vendor surface production workloads and vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-25704 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filter_user_mail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25702 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_project parameter. Attackers can send crafted requests with malicious SQL statements in the id_project parameter to extract sensitive database information or modify data. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25700 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the sort_direction parameter. Attackers can submit malicious SQL statements in the sort_direction parameter to extract sensitive database information or modify data. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25698 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_to_delete parameter. Attackers can send crafted requests with malicious SQL statements in the id_to_delete field to extract or modify sensitive database information. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25696 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the language_tag parameter. Attackers can submit malicious SQL statements in the language_tag parameter to extract sensitive database information or modify data. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25694 | Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user2reset parameter. Attackers can send crafted requests with malicious SQL payloads to extract sensitive database information or modify data. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25692 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id_to_modify' parameter. Attackers can send crafted requests with malicious SQL statements in the id_to_modify field to extract sensitive database information or modify data. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25690 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the mng_profile_id parameter. Attackers can send crafted requests with malicious SQL payloads in the mng_profile_id parameter to extract sensitive database information. | [email protected] | 8.8 | 0.03% | 2026-04-05 | 2026-04-07 |
| CVE-2019-25688 | Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the menu_lev1 parameter. Attackers can send crafted requests with malicious SQL payloads in the menu_lev1 parameter to extract sensitive database information or modify database contents. | [email protected] | 8.8 | 0.07% | 2026-04-05 | 2026-04-07 |