101 matches found
CVE-2024-4894
The CVE-2024-4894 entry concerns ITPison OMICARD EDM and describes an SSRF flaw caused by improper filtering of specific URL parameters. Unauthenticated remote attackers can modify parameters to trigger Server-Side Request Forgery, enabling probing of internal network information. Connected sourc...
Mitsubishi Electric Electrical discharge machines
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : Electrical discharge machines Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...
edm-art.com Cross Site Scripting vulnerability OBB-3837824
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-48373
ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2023-48372
ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...
Path traversal
ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2023-48373
CVE-2023-48373 concerns ITPison OMICARD EDM, where a path traversal flaw exists in the FileName parameter of a specific function. An unauthenticated remote attacker can exploit this to bypass authentication and download arbitrary system files. Public records tie this to ITPison OMICARD EDM v6.0.1...
CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal
ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal
ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2023-48372
The CVE-2023-48372 entry pertains to ITPison OMICARD EDM. The SMS-related function has insufficient input validation, enabling an unauthenticated remote attacker to inject arbitrary SQL commands to access, modify, and delete database data. This is described across multiple connected records (NVD/...
CVE-2023-48372 ITPison OMICARD EDM 's SMS - SQL Injection
ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...
CVE-2023-48371
ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service...
CVE-2023-48371
ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service...
CVE-2023-48371
ITPison OMICARD EDM is affected by CVE-2023-48371 due to a file upload feature that does not restrict dangerous file types. An unauthenticated remote attacker can upload and execute arbitrary executables, enabling arbitrary system commands or disruption of service. Documents reference affected ve...
ITPison OMICARD EDM Security Vulnerability
ITPison OMICARD EDM is a high speed newsletter EDM marketing and distribution system from China ITPison company. A security vulnerability exists in ITPison OMICARD EDM v6.0.1.5, which originates from the file upload feature not restricting the upload of dangerous types of files, and can be...
ITPison OMICARD EDM SQL Injection Vulnerability
ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from ITPison, China. A SQL injection vulnerability exists in ITPison OMICARD EDM v6.0.1.5, which stems from insufficient validation of user input in SMS related functions, and can be exploited by a remote attacke...
PT-2023-7872 · Unknown · Itpison Omicard Edm
Name of the Vulnerable Software and Affected Versions: ITPison OMICARD EDM affected versions not specified Description: The file uploading function in ITPison OMICARD EDM does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this issue to uploa...
CVE-2023-5443
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in EDM Informatics E-invoice allows Account Footprinting.This issue affects E-invoice: before 2.1...
CVE-2023-5443
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in EDM Informatics E-invoice allows Account Footprinting. This issue affects E-invoice: before 2.1...
CVE-2023-5443
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in EDM Informatics E-invoice allows Account Footprinting. This issue affects E-invoice: before 2.1...