Lucene search
K

110 matches found

CNNVD
CNNVD
added 2025/06/24 12:0 a.m.4 views

Control iD iDSecure On-premises 授权问题漏洞

Control iD iDSecure On-premises is an access control software from Control iD, a Brazilian company, used to manage personnel and vehicle access. An authorization issue vulnerability exists in Control iD iDSecure On-premises version 4.7.48.0 and prior versions, which stems from improper...

9.8CVSS6.8AI score0.0048EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.7 views

Control iD iDSecure On-premises 注入漏洞

Control iD iDSecure On-premises is an access control software from Control iD, a Brazilian company, used to manage personnel and vehicle access. A SQL injection vulnerability exists in Control iD iDSecure On-premises version 4.7.48.0 and prior versions, which originates from SQL injection and cou...

9.3CVSS7.9AI score0.00445EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.4 views

Control iD iDSecure On-premises 代码问题漏洞

Control iD iDSecure On-premises is an access control software from Control iD, a Brazilian company, used to manage personnel and vehicle access. A code issue vulnerability exists in Control iD iDSecure On-premises version 4.7.48.0 and prior versions, which stems from server-side request forgery a...

8.7CVSS6.8AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.10 views

CVE-2023-33370

An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to cause the main web server of IDSecure to fault and crash, causing a denial of service...

7.5CVSS6.8AI score0.00629EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.10 views

CVE-2023-33367

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution...

9.8CVSS8.6AI score0.01068EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:4 a.m.4 views

CVE-2023-2044

A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unknown code of the component Dispositivos Page. The manipulation of the argument IP-DNS leads to cross site scripting. The attack can be initiated remotely. VDB-225922 is the...

6.1CVSS6.1AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:53 a.m.9 views

CVE-2023-0125

A vulnerability was found in Control iD Gerencia Web 1.30. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation of the argument Nome leads to cross site scripting. The attack can be launched remotely. The...

6.1CVSS6.2AI score0.00501EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:49 a.m.12 views

CVE-2023-6329

An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative use...

9.8CVSS7.1AI score0.65237EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.7 views

CVE-2023-2524

A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2//. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The...

9.8CVSS6.9AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.8 views

CVE-2023-2421

A vulnerability classified as problematic has been found in Control iD RHiD 23.3.19.0. Affected is an unknown function of the file /v2//add/department. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-227718 is the identifier...

6.1CVSS6.2AI score0.00576EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.11 views

CVE-2023-2043

A vulnerability, which was classified as problematic, was found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2/customerdb/operator.svc/a of the component Edit Handler. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack...

9.8CVSS7.4AI score0.005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/12 11:30 a.m.13 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS7.3AI score0.0032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/12 11:25 a.m.8 views

CVE-2025-2124

A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/changepassword of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to...

5.1CVSS6.2AI score0.00286EPSS
Exploits0References1
OSV
OSV
added 2025/03/09 4:15 p.m.12 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

4.3CVSS4.9AI score0.0032EPSS
Exploits0References4
NVD
NVD
added 2025/03/09 4:15 p.m.34 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS0.0032EPSS
Exploits0References4
NVD
NVD
added 2025/03/09 4:15 p.m.10 views

CVE-2025-2124

A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/changepassword of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to...

5.1CVSS0.00286EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/09 4:0 p.m.34 views

CVE-2025-2125 Control iD RH iD PDF Document companyId resource injection

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS0.0032EPSS
Exploits0References4
CVE
CVE
added 2025/03/09 4:0 p.m.67 views

CVE-2025-2125

CVE-2025-2125 affects Control iD RH iD 25.2.25.0, specifically the PDF Document Handler. The vulnerability lies in the handling of the parameter nsr for the endpoint /v2/report.svc/comprovante_marcacao/?companyId=1, causing improper control of resource identifiers. The issue is exploitable remote...

5.3CVSS4.9AI score0.0032EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/09 4:0 p.m.6 views

CVE-2025-2125 Control iD RH iD PDF Document companyId resource injection

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS7.3AI score0.0032EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/09 3:31 p.m.14 views

CVE-2025-2124 Control iD RH iD API change_password cross site scripting

A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/changepassword of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to...

5.1CVSS0.00286EPSS
Exploits0References4
Rows per page
Query Builder