CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

OSV•added 2017/12/18 4:29 p.m.•2 views

CVE-2017-17721

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter...

9.8CVSS5.8AI score0.06936EPSS

Exploits4References6

CVE•added 2017/12/18 4:0 p.m.•66 views

CVE-2017-17721

CVE-2017-17721 describes an SQL injection vulnerability in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0, specifically in WEBNET/WOSummary/List (CWEBNET/WOSummary/List). The underlying issue allows injection via multiple parameters: tradestatus, assetno, assignto, building, domain, jobtype, site, trade...

9.8CVSS9.8AI score0.06936EPSS

Exploits4References6Affected Software1