MidnightBSD

Advisories for logint

CVE-2024-32210

The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard-coded passwords by default for forms and SQL connections.

Products Affected

Vendor Product Version
logint lomag_warehouse_management *
CVE-2024-32211

An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components.

Products Affected

Vendor Product Version
logint lomag_warehouse_management *
CVE-2024-32212

SQL Injection vulnerability in LOGINT LoMag Inventory Management v1.0.20.120 and before allows an attacker to execute arbitrary code via the ArticleGetGroups, DocAddDocument, ClassClickShop and frmSettings components.

Products Affected

Vendor Product Version
logint lomag_warehouse_management *
CVE-2024-32213

The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. By default, hard-coded passwords of 10 characters with little or no complexity are allowed.

Products Affected

Vendor Product Version
logint lomag_warehouse_management *