Lucene search
K

55 matches found

EUVD
EUVD
added 2026/05/10 3:33 a.m.7 views

EUVD-2026-28950

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9CVSS5.7AI score0.00403EPSS
Exploits0References5
NVD
NVD
added 2026/05/10 1:16 a.m.59 views

CVE-2026-8216

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5CVSS0.00391EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 1:0 a.m.9 views

CVE-2026-8216 Industrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5CVSS6.9AI score0.00391EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:15 a.m.7 views

CVE-2026-8214

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9CVSS5.5AI score0.00403EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/10 12:15 a.m.58 views

CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9CVSS0.00403EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.15 views

PT-2026-39466

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.10 views

Canias ERP 安全漏洞

Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains a security vulnerability. This vulnerability stems from observed differences in the response of the...

6.3CVSS5.8AI score0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.9 views

Canias ERP 授权问题漏洞

Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains an authorization vulnerability; this vulnerability stems from the function...

7.5CVSS7.1AI score0.00391EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/11/17 12:31 p.m.101 views

Exploit for CVE-2024-54820

Vulnerability: Unauthenticated SQL Injection - Clear Credentia...

9.8CVSS8.5AI score0.01149EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/01/19 12:0 a.m.12 views

PT-2024-14329 · Yonbip · Yonbip

Name of the Vulnerable Software and Affected Versions: YonBIP version 3 23.05 Description: An arbitrary file upload vulnerability in the doAction method of nccloud.web.arcp.taskmonitor.action.ArcpUploadAction allows attackers to execute arbitrary code via uploading a crafted file. Recommendations...

9.8CVSS9.4AI score0.00819EPSS
Exploits0References7
Hacker One
Hacker One
added 2021/04/22 10:9 p.m.12 views

WordPress: PII of users can be downloaded from export pages

Sensitive personally identifiable information PII of users, including their name, email, phone number, role, and organization, was exposed on the https://doaction.org/ website. The PII was found in CSV files that could be downloaded from various endpoints on the website, which could be enumerated...

6.6AI score
Exploits0
OSV
OSV
added 2019/05/27 11:29 p.m.3 views

CVE-2019-12362

EmpireCMS 7.5.0 has XSS via the HTTP Referer header to e/member/doaction.php...

6.1CVSS6.4AI score0.00826EPSS
Exploits1References1
OSV
OSV
added 2019/02/08 5:29 p.m.4 views

CVE-2019-7648

controller/fetchpwd.php and controller/doAction.php in HotelsServer through 2018-11-05 rely on base64 in an attempt to protect password storage...

7.5CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2009/06/19 6:0 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the 1 menu or 2 sort parameter to pivot/index.php, 3 the value of a check array parameter in a delete action to pivot/index.php, 4 the element name in a...

4.3CVSS6.1AI score0.04089EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.25 views

CVE-2009-2133

Multiple cross-site scripting XSS vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the 1 menu or 2 sort parameter to pivot/index.php, 3 the value of a check array parameter in a delete action to pivot/index.php, 4 the element name in a...

5.7AI score0.04089EPSS
Exploits1References9
Rows per page
Query Builder