Aggregates CVE and security vulnerability intelligence across all transtek-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-38771 | The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request. | [email protected] | 9.8 | 1.16% | 2022-09-13 | 2024-11-21 |
| CVE-2022-38770 | The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch other users' data upon a successful login request. | [email protected] | 5.3 | 0.18% | 2022-09-13 | 2024-11-21 |
| CVE-2022-38769 | The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch cleartext passwords upon a successful login request. | [email protected] | 7.5 | 0.24% | 2022-09-13 | 2024-11-21 |
| CVE-2022-38768 | The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to bypass authorization. | [email protected] | 9.8 | 1.01% | 2022-09-13 | 2024-11-21 |