Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVD•added 2018/01/15 9:29 p.m.•6 views

CVE-2018-5329

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

8.8CVSS8.8AI score0.00246EPSS
Exploits1References1
Prion
Prion•added 2018/01/15 9:29 p.m.•13 views

Code injection

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

7.5CVSS9.2AI score0.00457EPSS
Exploits1References1Affected Software1
Prion
Prion•added 2018/01/15 9:29 p.m.•17 views

Cross site request forgery (csrf)

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

6.8CVSS8.7AI score0.00246EPSS
Exploits1References1Affected Software1
NVD
NVD•added 2018/01/15 9:29 p.m.•10 views

CVE-2018-5328

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

9.8CVSS9.3AI score0.00457EPSS
Exploits1References1
Cvelist
Cvelist•added 2018/01/15 9:0 p.m.•11 views

CVE-2018-5328

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

9.3AI score0.00457EPSS
Exploits1References1
Cvelist
Cvelist•added 2018/01/15 9:0 p.m.•14 views

CVE-2018-5329

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

8.8AI score0.00246EPSS
Exploits1References1
CVE
CVE•added 2018/01/15 9:0 p.m.•40 views

CVE-2018-5329

CVE-2018-5329 concerns ZUUSE BEIMS ContractorWeb .NET 5.18.0.0, with a CSRF vulnerability on authenticated “/CWEBNET/” pages. The root cause is cross-site request forgery that can force state-changing actions such as creating users or changing an email, potentially compromising the web applicatio...

8.8CVSS8.7AI score0.00246EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder