Lucene search
K

57 matches found

NVD
NVD
added 2025/04/25 9:15 p.m.21 views

CVE-2025-32982

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...

7.5CVSS0.00337EPSS
Exploits0References1
OSV
OSV
added 2025/04/25 9:15 p.m.8 views

CVE-2025-32982

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/25 12:0 a.m.6 views

CVE-2025-32982

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...

7.6AI score0.00337EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/25 12:0 a.m.5 views

PT-2025-17940 · Netscout · Ngeniusone

Name of the Vulnerable Software and Affected Versions: NETSCOUT nGeniusONE versions prior to 6.4.0 b2350 Description: The issue is related to a Broken Authorization Schema for the report module. This means that there is a flaw in how authorization is handled, potentially allowing unauthorized...

7.5CVSS6.2AI score0.00337EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/25 12:0 a.m.13 views

CVE-2025-32982

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...

0.00337EPSS
Exploits0References1
CVE
CVE
added 2025/04/25 12:0 a.m.56 views

CVE-2025-32982

NETSCOUT nGeniusONE prior to 6.4.0 b2350 is affected by a Broken Authorization Schema in the report module (CVE-2025-32982). The CVE details indicate a high-severity impact (CVSS 3.1: 7.5; Confidentiality impact H, Integrity/Availability none) due to an authorization flaw that could enable unauth...

7.5CVSS6.8AI score0.00337EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2023/04/27 12:0 a.m.422 views

ChurchCRM v4.5.3 - Authenticated SQL Injection

Exploit Title: ChurchCRM 4.5.3 - Authenticated SQL Injection Date: 27-04-2023 Exploit Author: Iyaad Luqman K Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Tested Version: 4.5.1 Tested on: Windows, Linux CVE: CVE-2023-24685 ChurchCRM v4.5.3 and belo...

7.2CVSS7AI score0.01023EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2022/12/27 12:0 a.m.5 views

PT-2022-27642 · Hillstone · Hillstone Firewall Sg-6000

Name of the Vulnerable Software and Affected Versions: Hillstone Firewall SG-6000 versions 5.0.4.0 and earlier Description: The issue is related to incorrect access control, allowing an attacker to bypass permissions and gain super administrator privileges in the background of the firewall. This ...

9.8CVSS9.3AI score0.0073EPSS
Exploits0References3
OSV
OSV
added 2022/11/23 6:15 p.m.5 views

CVE-2022-40772

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...

6.5CVSS5.8AI score0.0296EPSS
Exploits0References2
NVD
NVD
added 2022/11/23 6:15 p.m.21 views

CVE-2022-40772

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...

6.5CVSS0.0296EPSS
Exploits0References2
Prion
Prion
added 2022/11/23 6:15 p.m.18 views

Input validation

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...

4CVSS6.3AI score0.0296EPSS
Exploits0References2Affected Software4
Cvelist
Cvelist
added 2022/11/23 12:0 a.m.24 views

CVE-2022-40772

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...

6.6AI score0.0296EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.6 views

CVE-2022-40772

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...

6.4AI score0.0296EPSS
Exploits0References2
CVE
CVE
added 2022/11/23 12:0 a.m.82 views

CVE-2022-40772

CVE-2022-40772 affects Zoho ManageEngine ServiceDesk Plus versions 13010 and earlier. A validation bypass in the report module allows an attacker to access sensitive data. Public details in the initial and linked records confirm the affected product/version and the data exposure via the report mo...

6.5CVSS6.3AI score0.0296EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/21 12:0 a.m.4 views

PT-2022-25531 · Zoho · Zoho Manageengine Servicedesk Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions 13010 and prior Description: The issue is related to a validation bypass that allows users to access sensitive data via the report module. This is due to improper input validation, which can lead to...

6.5CVSS6.5AI score0.0296EPSS
Exploits0References8
NVD
NVD
added 2022/09/13 3:15 p.m.23 views

CVE-2022-38538

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...

9.8CVSS0.00861EPSS
Exploits0References3
OSV
OSV
added 2022/09/13 3:15 p.m.14 views

CVE-2022-38538

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...

9.8CVSS8.2AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/09/13 3:15 p.m.7 views

CVE-2022-38538

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...

9.8CVSS5.8AI score0.00861EPSS
Exploits0References4
Prion
Prion
added 2022/09/13 3:15 p.m.17 views

Sql injection

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...

7.5CVSS9.7AI score0.00861EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/09/13 12:0 a.m.5 views

Archery SQL注入漏洞

Archery is a set of open source vulnerability assessment and management tools. A security vulnerability exists in Archery versions v1.7.0 through v1.8.5, which stems from the checksum parameter in the report module containing a SQL injection vulnerability...

9.8CVSS8.5AI score0.00861EPSS
Exploits0References4
Rows per page
Query Builder