Filtered by vendor Wakyma
Subscriptions
Filtered by product Wakyma
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3022 | 1 Wakyma | 2 Wakyma, Wakyma Application Web | 2026-03-19 | 6.5 Medium |
| Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/hospitalization/generate-hospitalization-summary'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting special NoSQL commands, resulting in the attacker being able to obtain customer reports. | ||||
| CVE-2026-3023 | 1 Wakyma | 2 Wakyma, Wakyma Application Web | 2026-03-19 | 8.8 High |
| Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/pets/print-tags'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting NoSQL commands, allowing them to list both pets and owner names. | ||||
| CVE-2026-3024 | 1 Wakyma | 2 Wakyma, Wakyma Application Web | 2026-03-19 | 5.4 Medium |
| Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges. | ||||
Page 1 of 1.