Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-33944

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00706EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:58 a.m.9 views

CVE-2022-29613

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application...

4.3CVSS6.7AI score0.00706EPSS
Exploits0References1
OSV
OSV
added 2022/05/11 3:15 p.m.4 views

CVE-2022-29613

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application...

4.3CVSS5.8AI score0.00706EPSS
Exploits0References2
NVD
NVD
added 2022/05/11 3:15 p.m.23 views

CVE-2022-29613

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application...

4.3CVSS0.00706EPSS
Exploits0References2
Prion
Prion
added 2022/05/11 3:15 p.m.14 views

Input validation

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application...

4CVSS4.5AI score0.00706EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/05/11 2:57 p.m.20 views

CVE-2022-29613

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application...

4.8AI score0.00706EPSS
Exploits0References2
CNVD
CNVD
added 2020/11/23 12:0 a.m.3 views

Sentrifugo SQL Injection Vulnerability (CNVD-2020-66084)

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. Sentrifugo version 3.2 suffers from a SQL injection vulnerability that originates from the fact that administrators c...

7.2CVSS7.8AI score0.01486EPSS
Exploits1References1
OSV
OSV
added 2020/11/12 7:15 p.m.5 views

CVE-2020-26805

In Sentrifugo 3.2, admin can edit employee's informations via this endpoint -- /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data from database or write...

7.2CVSS7.2AI score0.01486EPSS
Exploits1References1
CNVD
CNVD
added 2019/06/20 12:0 a.m.2 views

EXCELLENT INFOTEK BiYan Information Disclosure Vulnerability (CNVD-2019-18740)

EXCELLENT INFOTEK BiYan is China Taiwan Jieyin information EXCELLENT INFOTEK company's set of document management system. An information disclosure vulnerability exists in EXCELLENT INFOTEK BiYan versions 1.57 through 2.8. The vulnerability can be exploited to disclose user information password b...

9.8CVSS6.3AI score0.01533EPSS
Exploits1References1
Rows per page
Query Builder