Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

EUVD
EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-8877

Malware in sbrugna...

9.8CVSS9.4AI score0.06936EPSS
Exploits4References8
CNVD
CNVD•added 2018/01/18 12:0 a.m.•1 views

ZUUSE BEIMS ContractorWeb .NET Unauthorized Operation Vulnerability

ZUUSE BEIMS ContractorWeb .NET is a suite of infrastructure management software from ZUUSE Australia. An unauthorized operation vulnerability exists in ZUUSE BEIMS ContractorWeb .NET version 5.18.0.0. An attacker can exploit this vulnerability to access multiple /UserManagement/privileged modules...

9.8CVSS6.9AI score0.00457EPSS
Exploits1References1
CNVD
CNVD•added 2018/01/18 12:0 a.m.•1 views

ZUUSE BEIMS ContractorWeb .NET Cross-Site Request Forgery Vulnerability

ZUUSE BEIMS ContractorWeb .NET is a suite of infrastructure management software from ZUUSE Australia. A cross-site request forgery vulnerability exists in the /CWEBNET/ authenticated page in ZUUSE BEIMS ContractorWeb .NET version 5.18.0.0. A remote attacker could exploit this vulnerability to...

8.8CVSS6.8AI score0.00246EPSS
Exploits1References1
Prion
Prion•added 2018/01/15 9:29 p.m.•11 views

Code injection

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

7.5CVSS9.2AI score0.00457EPSS
Exploits1References1Affected Software1
NVD
NVD•added 2018/01/15 9:29 p.m.•6 views

CVE-2018-5329

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

8.8CVSS8.8AI score0.00246EPSS
Exploits1References1
Prion
Prion•added 2018/01/15 9:29 p.m.•12 views

Cross site request forgery (csrf)

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

6.8CVSS8.7AI score0.00246EPSS
Exploits1References1Affected Software1
NVD
NVD•added 2018/01/15 9:29 p.m.•10 views

CVE-2018-5328

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

9.8CVSS9.3AI score0.00457EPSS
Exploits1References1
OSV
OSV•added 2018/01/15 9:29 p.m.•1 views

CVE-2018-5329

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

8.8CVSS5.8AI score0.00246EPSS
Exploits1References1
Cvelist
Cvelist•added 2018/01/15 9:0 p.m.•11 views

CVE-2018-5328

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details...

9.3AI score0.00457EPSS
Exploits1References1
CVE
CVE•added 2018/01/15 9:0 p.m.•38 views

CVE-2018-5328

CVE-2018-5328 affects ZUUSE BEIMS ContractorWeb .NET 5.18.0.0. The vulnerability allows access to multiple /UserManagement/ privileged modules without user authentication, enabling an attacker to perform unauthorized actions (demonstrated by editing user details). The root cause is insufficient a...

9.8CVSS9.1AI score0.00457EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist•added 2018/01/15 9:0 p.m.•14 views

CVE-2018-5329

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery CSRF on /CWEBNET/ authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can...

8.8AI score0.00246EPSS
Exploits1References1
CVE
CVE•added 2018/01/15 9:0 p.m.•36 views

CVE-2018-5329

CVE-2018-5329 concerns ZUUSE BEIMS ContractorWeb .NET 5.18.0.0, with a CSRF vulnerability on authenticated “/CWEBNET/” pages. The root cause is cross-site request forgery that can force state-changing actions such as creating users or changing an email, potentially compromising the web applicatio...

8.8CVSS8.7AI score0.00246EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm•added 2017/12/20 12:0 a.m.•40 views

BEIMS ContractorWeb 5.18.0.0 SQL Injection

Exploit Title: SQL Injection Date: 18 December, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://www.beims.com/products/ Software Link: http://www.beims.com/optional-modules/ccw Version: BEIMS ContractorWeb .NET System 5.18.0.0 CVE : 2017-17721 Vulnerability Details:...

0.2AI score0.06936EPSS
Exploits4
exploitpack
exploitpack•added 2017/12/20 12:0 a.m.•30 views

BEIMS ContractorWeb 5.18.0.0 - SQL Injection

BEIMS ContractorWeb 5.18.0.0 - SQL Injection Exploit Title: SQL Injection Date: 18 December, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://www.beims.com/products/ Software Link: http://www.beims.com/optional-modules/ccw Version: BEIMS ContractorWeb .NET System 5.18.0.0 CVE :...

7.5CVSS0.3AI score0.06936EPSS
Exploits4
CNVD
CNVD•added 2017/12/20 12:0 a.m.•1 views

ZUUSE BEIMS ContractorWeb .NET SQL Injection Vulnerability

ZUUSE BEIMS ContractorWeb .NET is a suite of infrastructure management software from ZUUSE Australia. A SQL injection vulnerability exists in CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET version 5.18.0.0. A remote attacker could exploit this vulnerability to compromise a database or...

9.8CVSS8AI score0.06936EPSS
Exploits4References1
0day.today
0day.today•added 2017/12/20 12:0 a.m.•36 views

BEIMS ContractorWeb 5.18.0.0 - SQL Injection Vulnerability

Exploit for windows platform in category web applications Exploit Title: SQL Injection Date: 18 December, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://www.beims.com/products/ Software Link: http://www.beims.com/optional-modules/ccw Version: BEIMS ContractorWeb .NET System 5.18.0.0...

7.5CVSS0.1AI score0.06936EPSS
Exploits4
Exploit DB
Exploit DB•added 2017/12/20 12:0 a.m.•65 views

BEIMS ContractorWeb 5.18.0.0 - SQL Injection

Exploit Title: SQL Injection Date: 18 December, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://www.beims.com/products/ Software Link: http://www.beims.com/optional-modules/ccw Version: BEIMS ContractorWeb .NET System 5.18.0.0 CVE : 2017-17721 Vulnerability Details:...

9.8CVSS9.7AI score0.06936EPSS
Exploits4
OSV
OSV•added 2017/12/18 4:29 p.m.•2 views

CVE-2017-17721

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter...

9.8CVSS5.8AI score0.06936EPSS
Exploits4References6
Prion
Prion•added 2017/12/18 4:29 p.m.•8 views

Sql injection

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter...

7.5CVSS9.8AI score0.06936EPSS
Exploits4References6Affected Software1
NVD
NVD•added 2017/12/18 4:29 p.m.•8 views

CVE-2017-17721

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter...

9.8CVSS9.9AI score0.06936EPSS
Exploits4References6
Rows per page
Query Builder