Lucene search
K

6 matches found

NVD
NVD
added 2026/06/15 12:16 p.m.17 views

CVE-2026-34028

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyIdID/Audio/ and...

6.9CVSS0.00397EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:4 a.m.8 views

CVE-2026-34028 Unauthenticated direct access to web data in Wertheim SafeController Software exposes files

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyIdID/Audio/ and...

6.9CVSS5.2AI score0.00397EPSS
Exploits1References2
Malwarebytes
Malwarebytes
added 2025/12/03 2:12 p.m.12 views

How attackers use real IT tools to take over your computer

A new wave of attacks is exploiting legitimate Remote Monitoring and Management RMM tools like LogMeIn Resolve formerly GoToResolve and PDQ Connect to remotely control victims’ systems. Instead of dropping traditional malware, attackers trick people into installing these trusted IT support progra...

7.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.8 views

CVE-2022-25228

CandidATS Version 3.0.0 Beta allows an authenticated user to inject SQL queries in '/index.php?m=settings=show' via the 'userID' parameter, in '/index.php?m=candidates=show' via the 'candidateID', in '/index.php?m=joborders=show' via the 'jobOrderID' and '/index.php?m=companies=show' via the...

6.5CVSS7.3AI score0.00844EPSS
Exploits1References1
CVE
CVE
added 2022/08/18 7:29 p.m.64 views

CVE-2022-25228

CVE-2022-25228 : Affected software is CandidATS 3.0.0 Beta. An authenticated user can inject SQL via parameters on several endpoints: /index.php?m=settings&a=show (userID), /index.php?m=candidates&a=show (candidateID), /index.php?m=joborders&a=show (jobOrderID), and /index.php?m=companies&a=show ...

6.5CVSS6.6AI score0.00844EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2016/07/27 12:0 a.m.43 views

Live800 referrerSta. jsp companyID SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder