CVE-2023-4993
7.5 HIGHIncorrect Use of Privileged APIs vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by U...
Published: 2024-02-15 · Last updated: 2026-05-20
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-648
Affected products
| Vendor | Product |
|---|---|
| utarit | solipay_mobile |
Description
Incorrect Use of Privileged APIs vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by Users. This issue affects SoliPay Mobile App: before 5.0.8.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2025-7358 — Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc (7.5 HIGH)
- CVE-2025-7047 — Missing Authorization vulnerability in Utarit Informatics Services Inc (4.3 MEDIUM)
- CVE-2025-1031 — Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc (7.5 HIGH)
- CVE-2025-1030 — Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc (7.5 HIGH)
- CVE-2025-1029 — Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc (7.5 HIGH)
Same CWE
- CVE-2026-9560 — Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary command... (7.8 HIGH)
- CVE-2025-1161 — Incorrect Use of Privileged APIs vulnerability in NomySoft Information Technology Training and Consulting Inc (7.1 HIGH)
- CVE-2025-63291 — When processing API requests, the Alteryx server 2022.1.1.42654 and 2024.1 used MongoDB object IDs to uniquely identify the data being re... (5.4 MEDIUM)
- CVE-2025-5997 — Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse (8.8 HIGH)
- CVE-2025-2311 — Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in ... (9.0 CRITICAL)