All 5 CVE vulnerabilities found in FULL – Cliente, with AI-generated Chinese analysis, references, and POCs.
Vendor: fullservices
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12023 | FULL – Cliente 3.1.5 - 3.1.25 - Authenticated (Subscriber+) SQL Injection CWE-89 | 6.5 | Medium | 2025-05-02 |
| CVE-2024-9211 | FULL – Cliente <= 3.1.22 - Reflected Cross-Site Scripting CWE-79 | 6.1 | Medium | 2024-10-11 |
| CVE-2024-6447 | FULL <= 3.1.12 - Unauthenticated Stored Cross-Site Scripting via License Plan Parameter CWE-79 | 7.2 | High | 2024-07-10 |
| CVE-2023-4243 | FULL - Customer <= 2.2.3 - Authenticated(Subscriber+) Improper Authorization to Arbitrary Plugin Installation CWE-285 | 8.8 | High | 2023-08-09 |
| CVE-2023-4242 | FULL - Customer <= 2.2.3 - Authenticated(Subscriber+) Information Disclosure via Health Check CWE-287 | 4.3 | Medium | 2023-08-09 |
All 5 known CVE vulnerabilities affecting FULL – Cliente with full Chinese analysis, references, and POCs where available.