Lucene search

Rengine Security Vulnerabilities

cve

CVE-2023-50094

reNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via...

8.8CVSS

9AI Score

0.002EPSS

2024-01-01 06:15 PM

cve

CVE-2022-36566

Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine...

9.8CVSS

9.7AI Score

0.003EPSS

2022-08-31 06:15 PM

cve

CVE-2022-1813

OS Command Injection in GitHub repository yogeshojha/rengine prior to...

9.8CVSS

9.7AI Score

0.002EPSS

2022-05-22 04:15 PM

cve

CVE-2022-28995

Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration...

9.8CVSS

9.9AI Score

0.006EPSS

2022-05-20 07:15 PM

cve

CVE-2021-39491

A Cross Site Scripting (XSS) vulnerability exists in Yogesh Ojha reNgine v1.0 via the Scan Engine name file in the Scan Engine deletion confirmation modal box ....

5.4CVSS

5.2AI Score

0.001EPSS

2022-03-24 03:15 PM

cve

CVE-2021-38606

reNgine through 0.5 relies on a predictable directory...

9.8CVSS

9.4AI Score

0.002EPSS

2021-08-12 04:15 PM