Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2021/01/06 12:0 a.m.227 views

Newgen Correspondence Management System eGov 12.0 Insecure Direct Object Reference

Exploit Title: Newgen Correspondence Management System corms eGov 12.0 - IDOR Date: 29 Dec 2020 Exploit Author: ALI AL SINAN Vendor Homepage: https://newgensoft.com Software Link: https://newgensoft.com/solutions/industries/government/e-gov-office/ Version: eGov 12.0 Tested on: JBoss EAP 7 CVE :...

5CVSS7.7AI score0.10313EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.268 views

Newgen Correspondence Management System (corms) eGov 12.0 - IDOR

Exploit Title: Newgen Correspondence Management System corms eGov 12.0 - IDOR Date: 29 Dec 2020 Exploit Author: ALI AL SINAN Vendor Homepage: https://newgensoft.com Software Link: https://newgensoft.com/solutions/industries/government/e-gov-office/ Version: eGov 12.0 Tested on: JBoss EAP 7 CVE :...

7.5CVSS7.7AI score0.10313EPSS
Exploits3
OSV
OSV
added 2020/12/30 8:15 p.m.4 views

CVE-2020-35737

In Correspondence Management System corms in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference...

7.5CVSS7.1AI score
Exploits0References3
Prion
Prion
added 2020/12/30 8:15 p.m.13 views

Design/Logic Flaw

In Correspondence Management System corms in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference...

5CVSS7.4AI score0.10313EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2020/12/30 7:39 p.m.105 views

CVE-2020-35737

CVE-2020-35737 affects Newgen eGov 12.0, specifically the Correspondence Management System (corms). The vulnerability is an Insecure Direct Object Reference caused by an unvalidated UserIndex parameter in the personal settings page, allowing an attacker to modify other users’ profile information....

7.5CVSS7.3AI score0.10313EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2020/12/30 7:39 p.m.28 views

CVE-2020-35737

In Correspondence Management System corms in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference...

7.4AI score0.10313EPSS
Exploits3References3
CNNVD
CNNVD
added 2020/12/30 12:0 a.m.7 views

Newgen Egov Correspondence Management System Security Breach

Newgen Egov Correspondence Management System is a correspondence management software for office environments from Newgen USA. A security vulnerability exists in Newgen eGov 12.0 Correspondence Management System, which can be exploited by an attacker to modify another user's personal information...

7.5CVSS5.7AI score0.10313EPSS
Exploits3References5
Rows per page
Query Builder