Lucene search
K

242 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:2 a.m.7 views

CVE-2023-27376

Missing authentication in the StudentPopupDetailsStudentDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.2AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.7 views

CVE-2023-26578

Arbitrary file upload to web root in the IDAttend’s IDWeb application 3.1.013 allows authenticated attackers to upload dangerous files to web root such as ASP or ASPX, gaining command execution on the affected server...

8.8CVSS7.1AI score0.01463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.5 views

CVE-2023-26582

Unauthenticated SQL injection in the GetExcursionDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.8CVSS8.1AI score0.00556EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.8 views

CVE-2023-26568

Unauthenticated SQL injection in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.8CVSS8.1AI score0.00759EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.5 views

CVE-2023-26577

Stored cross-site scripting in the IDAttend’s IDWeb application 3.1.052 and earlier allows attackers to hijack the browsing session of the logged in user...

7.5CVSS6.1AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.8 views

CVE-2023-26580

Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers...

7.5CVSS7.1AI score0.00662EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.8 views

CVE-2023-26579

Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers...

5.3CVSS7AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:31 a.m.4 views

CVE-2023-27260

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.8CVSS8.1AI score0.00556EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:59 a.m.4 views

CVE-2023-1356

Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.052 and earlier allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link...

7.5CVSS6.2AI score0.00444EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.6 views

CVE-2023-27375

Missing authentication in the StudentPopupDetailsContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.1AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.5 views

CVE-2023-27256

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

5.8CVSS7.1AI score0.00559EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.4 views

CVE-2023-27257

Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student information by unauthenticated attackers...

7.5CVSS7AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.3 views

CVE-2023-27259

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...

7.5CVSS7.1AI score0.00508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.5 views

CVE-2023-26570

Missing authentication in the StudentPopupDetailsTimetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers...

7.5CVSS7.1AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.7 views

CVE-2023-27261

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers...

6.5CVSS7.3AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.4 views

CVE-2023-26576

Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers...

7.5CVSS7.1AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.5 views

CVE-2023-26573

Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials...

9.1CVSS7AI score0.00724EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:28 a.m.4 views

CVE-2023-27258

Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student and teacher data by unauthenticated attackers...

7.5CVSS7.2AI score0.00508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:27 a.m.3 views

CVE-2023-27377

Missing authentication in the StudentPopupDetailsEmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.1AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:26 a.m.3 views

CVE-2023-27262

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.8CVSS8.1AI score0.00759EPSS
Exploits0References1
Rows per page
Query Builder