Lucene search
+L

67 matches found

osv
osv
added 2023/04/27 2:15 a.m.4 views

CVE-2023-24836

SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...

8.8CVSS7.5AI score0.01192EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/27 12:0 a.m.7 views

CVE-2023-24836 SUNNET CTMS - Path Traversal

SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...

8.8CVSS8.8AI score0.01192EPSS
Exploits0References1
cve
cve
added 2023/04/27 12:0 a.m.42 views

CVE-2023-24836

CVE-2023-24836 affects SUNNET CTMS. The vulnerability is a path traversal flaw in the file-uploading function that an authenticated remote attacker with general user privileges can exploit to upload and execute scripts in arbitrary directories, enabling arbitrary system operations or service disr...

8.8CVSS8.9AI score0.01192EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/04/27 12:0 a.m.5 views

PT-2023-19816 · Unknown · Sunnet Ctms

Name of the Vulnerable Software and Affected Versions: SUNNET CTMS affected versions not specified Description: The issue is related to a path traversal vulnerability within the file uploading function of SUNNET CTMS. This allows an authenticated remote attacker with general user privileges to...

8.8CVSS8.6AI score0.01192EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/04/27 12:0 a.m.7 views

SUNNET CTMS 路径遍历漏洞

SUNNET SUNNET CTMS is a learning platform from Taiwan-based SUNNET Technology Corporation. SUNNET CTMS suffers from a path traversal vulnerability, which originates from the presence of a path traversal vulnerability that can be exploited by an authenticated, remote attacker with general user...

8.8CVSS8.3AI score0.01192EPSS
Exploits0References2
cvelist
cvelist
added 2023/04/27 12:0 a.m.28 views

CVE-2023-24836 SUNNET CTMS - Path Traversal

SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...

8.8CVSS9AI score0.01192EPSS
Exploits0References1
openbugbounty
openbugbounty
added 2023/01/14 6:15 a.m.10 views

ctms.engin.umich.edu Cross Site Scripting vulnerability OBB-3149043

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
nvd
nvd
added 2022/01/20 7:15 p.m.32 views

CVE-2021-44245

An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System CTMS 1.0 via the 1 username and 2 contactno parameters...

9.8CVSS0.01444EPSS
Exploits1References2
prion
prion
added 2022/01/20 7:15 p.m.14 views

Sql injection

An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System CTMS 1.0 via the 1 username and 2 contactno parameters...

7.5CVSS9.8AI score0.01444EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2022/01/20 6:38 p.m.30 views

CVE-2021-44245

An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System CTMS 1.0 via the 1 username and 2 contactno parameters...

10AI score0.01444EPSS
Exploits1References2
cve
cve
added 2022/01/20 6:38 p.m.49 views

CVE-2021-44245

CVE-2021-44245 affects Courcecodester COVID 19 Testing Management System (CTMS) 1.0. A SQL injection flaw exists in the username and contactno parameters, arising from inadequate input filtering. Exploitation could lead to arbitrary SQL execution, with high/severe impact (per CVSS metrics: HIGH/C...

9.8CVSS9.8AI score0.01444EPSS
Exploits1References2Affected Software1
nvd
nvd
added 2013/10/16 3:55 p.m.17 views

CVE-2013-5762

Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration...

2.4CVSS5.2AI score0.00253EPSS
Exploits0References1
prion
prion
added 2013/10/16 3:55 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration...

2.4CVSS5.8AI score0.00253EPSS
Exploits0References1Affected Software1
cve
cve
added 2013/10/16 3:0 p.m.46 views

CVE-2013-5762

Technical details for CVE-2013-5762 are not publicly available in the provided documents. Monitor for updates; no vulnerability specifics (product, version, impact, or fix) are disclosed here.

2.4CVSS5.4AI score0.00253EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2013/10/16 3:0 p.m.27 views

CVE-2013-5762

Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration...

5.2AI score0.00253EPSS
Exploits0References1
prion
prion
added 2013/10/01 12:55 a.m.19 views

Design/Logic Flaw

The Media Snapshot implementation on Cisco TelePresence Multipoint Switch CTMS devices allows remote authenticated users to cause a denial of service device reload by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796...

6.3CVSS6.8AI score0.01832EPSS
Exploits0References3
cvelist
cvelist
added 2013/10/01 12:0 a.m.20 views

CVE-2013-5516

The Media Snapshot implementation on Cisco TelePresence Multipoint Switch CTMS devices allows remote authenticated users to cause a denial of service device reload by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796...

6.3AI score0.01832EPSS
Exploits0References3
cve
cve
added 2013/10/01 12:0 a.m.44 views

CVE-2013-5516

The CVE-2013-5516 issue affects Cisco TelePresence Multipoint Switch (CTMS) Media Snapshot handling. A remote, authenticated attacker can cause a DoS (device reload) by sending continuous Media Snapshot requests during meeting termination. Affected component: Media Snapshot code; root cause: impr...

6.3CVSS6.5AI score0.01832EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2012/07/27 12:0 a.m.29 views

Cisco TelePresence Multipoint Switch XML-RPC DoS (cisco-sa-20110223-telepresence-ctms)

According to its self-reported version number, the version of Cisco TelePresence Multipoint Switch running on the remote host has a denial of service vulnerability. Sending a malicious XML-RPC request to TCP port 9000 could crash the call geometry process. A remote, unauthenticated attacker could...

7.8CVSS5.5AI score0.0257EPSS
Exploits0References2
prion
prion
added 2011/02/25 12:0 p.m.20 views

Design/Logic Flaw

The Java Servlet framework on Cisco TelePresence Multipoint Switch CTMS devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253...

10CVSS8.6AI score0.05942EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder