Lucene search
K

4 matches found

Cvelist
Cvelist
added 2017/06/07 1:0 p.m.19 views

CVE-2017-7312

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, anyone can add a vendor account or read existing vendor account data including usernames and passwords...

9.4AI score0.02975EPSS
Exploits2References1
CVE
CVE
added 2017/06/07 1:0 p.m.54 views

CVE-2017-7312

CVE-2017-7312 affects Personify360 e-Business v7.5.2–v7.6.1. The vulnerability exists when accessing /TabId/275, allowing unauthenticated users to add vendor accounts or read existing vendor data, including usernames and passwords. This is an information disclosure and privilege escalation-like f...

9.8CVSS9.2AI score0.02975EPSS
Exploits2References1Affected Software1
exploitpack
exploitpack
added 2017/05/09 12:0 a.m.32 views

Personify360 7.5.27.6.1 - Improper Access Restrictions

Personify360 7.5.27.6.1 - Improper Access Restrictions Exploit Title: Access and read and create vendor / API credentials in plaintext Date: 3/29/2017 Exploit Author: Pesach Zirkind Vendor Homepage: https://personifycorp.com/ Version: 7.5.2 - 7.6.1 Tested on: Windows all versions CVE :...

7.5CVSS0.9AI score0.02975EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/05/09 12:0 a.m.30 views

Personify360 7.5.2/7.6.1 - Improper Access Restrictions

Exploit Title: Access and read and create vendor / API credentials in plaintext Date: 3/29/2017 Exploit Author: Pesach Zirkind Vendor Homepage: https://personifycorp.com/ Version: 7.5.2 - 7.6.1 Tested on: Windows all versions CVE : CVE-2017-7312 Category: webapps 1. Description Any website visito...

9.8CVSS9.7AI score0.02975EPSS
Exploits2
Rows per page
Query Builder