Topmanage

topmanage

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-6845 1Topmanage 1Olk Webstore Jun 17, 2026 Feb 18, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack.
CVE-2020-6844 1Topmanage 1Olk Webstore Jun 17, 2026 Feb 18, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.
CVE-2010-2686 1Topmanage 1Olk Module Apr 29, 2026 Jul 12, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP allow remote attackers to execute arbitrary SQL commands via the (1) PriceFrom, (2) PriceTo, and (3) InvFrom parameters,...Show more Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP allow remote attackers to execute arbitrary SQL commands via the (1) PriceFrom, (2) PriceTo, and (3) InvFrom parameters, as reachable from olk/c_p/searchCart.asp, and other unspecified vectors when performing an advanced search. NOTE: some of these details are obtained from third party information.Show less