Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2025/11/18 3:5 a.m.3 views

CVE-2025-10460

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

9.4CVSS8.2AI score0.00062EPSS
Exploits0References1
NVD
NVDadded 2025/11/17 3:15 a.m.2 views

CVE-2025-10460

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

9.4CVSS0.00062EPSS
Exploits0References2
EUVD
EUVDadded 2025/11/17 2:48 a.m.1 views

EUVD-2025-197751

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

9.4CVSS7.6AI score0.00062EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/11/17 2:48 a.m.4 views

CVE-2025-10460 Unsanitized parameter input leading to SQL Injection vulnerability

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

9.4CVSS7.7AI score0.00062EPSS
Exploits0References2
CVE
CVEadded 2025/11/17 2:48 a.m.10 views

CVE-2025-10460

Summary: CVE-2025-10460 is a SQL Injection vulnerability in FMI/BEIMS Contractor Web. Affected component: the /BEIMSWeb/contractor.asp endpoint on BEIMS Contractor Web (version 5.7.139 is confirmed vulnerable). Root cause: improper input validation leading to unsanitized parameter input that can ...

9.4CVSS7.8AI score0.00062EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/11/17 2:48 a.m.5 views

CVE-2025-10460 Unsanitized parameter input leading to SQL Injection vulnerability

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

9.4CVSS0.00062EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/11/17 12:0 a.m.2 views

FMI BEIMS Contractor Web 安全漏洞

FMI BEIMS Contractor Web is a module for a facility management system from FMI Australia. A security vulnerability exists in FMI BEIMS Contractor Web version 5.7.139, which originates from improper validation of /BEIMSWeb/contractor.asp endpoint inputs and could lead to a SQL injection attack...

9.4CVSS7.6AI score0.00062EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/11/17 12:0 a.m.1 views

PT-2025-47106

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

9.4CVSS8.2AI score0.00062EPSS
Exploits0References3
OSV
OSVadded 2018/01/15 9:29 p.m.2 views

CVE-2018-5328

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

9.8CVSS5.8AI score0.00457EPSS
Exploits1References1
Rows per page
Query Builder