CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

CVE-2026-10597

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS5.5AI score0.00039EPSS

Exploits0References1

NVD•added 2026/06/04 3:16 a.m.•7 views

CVE-2026-10597

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS0.00039EPSS

Exploits0References2

CVE•added 2026/06/04 2:19 a.m.•13 views

CVE-2026-10597

Affected product/vendor: OMICARD EDM — ITPison. Vulnerability: Insecure Direct Object Reference (IDOR) that allows unauthenticated remote attackers to modify a specific parameter to obtain a user’s email address. Impact (as described): Unauthorized disclosure of user email information due to IDOR...

6.9CVSS5.8AI score0.00039EPSS

Exploits0References2

EUVD•added 2026/06/04 2:19 a.m.•8 views

EUVD-2026-34196

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS5.8AI score0.00039EPSS

Exploits0References2

Positive Technologies•added 2026/06/04 12:0 a.m.•7 views

PT-2026-46130

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS5.8AI score0.00039EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-44462

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00225EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-38108

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00603EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-36031

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02552EPSS

Exploits0References2

NVD•added 2024/05/15 3:15 a.m.•7 views

CVE-2024-4894

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery SSRF attacks. This vulnerability enables attackers to probe internal network information...

5.3CVSS5.4AI score0.00225EPSS

Exploits0References2

Cvelist•added 2024/05/15 2:53 a.m.•7 views

CVE-2024-4894 ITPison OMICARD EDM - Server-Side Request Forgery

5.3CVSS5.7AI score0.00225EPSS

Exploits0References2

NVD•added 2023/12/15 5:15 a.m.•9 views

CVE-2023-48373

ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

7.5CVSS0.00102EPSS

Exploits0References1

OSV•added 2023/12/15 5:15 a.m.•4 views

CVE-2023-48372

ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...

9.8CVSS6AI score0.00674EPSS

Exploits0References1

Prion•added 2023/12/15 5:15 a.m.•19 views

Path traversal

5CVSS7.7AI score0.00102EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/12/15 4:27 a.m.•9 views

CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal

7.5CVSS7.8AI score0.00102EPSS

Exploits0References1

Cvelist•added 2023/12/15 4:27 a.m.•10 views

CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal

7.5CVSS8AI score0.00102EPSS

Exploits0References1

Cvelist•added 2023/12/15 4:18 a.m.•12 views

CVE-2023-48372 ITPison OMICARD EDM 's SMS - SQL Injection

9.8CVSS10AI score0.00674EPSS

Exploits0References1

OSV•added 2023/12/15 4:15 a.m.•2 views

CVE-2023-48371

ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service...

9.8CVSS6AI score

Exploits0References1

NVD•added 2023/12/15 4:15 a.m.•8 views

CVE-2023-48371

9.8CVSS0.0061EPSS

Exploits0References1

CNNVD•added 2023/12/15 12:0 a.m.•19 views

ITPison OMICARD EDM Security Vulnerability

ITPison OMICARD EDM is a high speed newsletter EDM marketing and distribution system from China ITPison company. A security vulnerability exists in ITPison OMICARD EDM v6.0.1.5, which originates from the file upload feature not restricting the upload of dangerous types of files, and can be...

9.8CVSS7.6AI score0.0061EPSS

Exploits0References2

CNNVD•added 2023/12/15 12:0 a.m.•2 views

ITPison OMICARD EDM SQL Injection Vulnerability

ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from ITPison, China. A SQL injection vulnerability exists in ITPison OMICARD EDM v6.0.1.5, which stems from insufficient validation of user input in SMS related functions, and can be exploited by a remote attacke...

9.8CVSS8.2AI score0.00674EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by