
29 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-10893

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.00141
Exploits 0 · References 3

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2023-49950

Malicious code in bioql PyPI...

CVSS 3.6 · AI score 4.4 · EPSS 0.00052
Exploits 1 · References 2

RedhatCVE
added 2025/05/23 2:21 a.m. · 8 views

CVE-2023-45659

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to a user's account, i.e., logged in and obtained a session, an attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...

CVSS 3.6 · AI score 7 · EPSS 0.00052
Exploits 1 · References 1

RedhatCVE
added 2025/05/23 2:20 a.m. · 4 views

CVE-2023-45152

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2.3 · AI score 6.6 · EPSS 0.00023
Exploits 1 · References 1

Cvelist
added 2023/12/22 8:37 p.m. · 17 views

CVE-2023-50924 Stored XSS in Overview and Output fields

Engelsystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the...

CVSS 7.3 · AI score 7.5 · EPSS 0.0009
Exploits 0 · References 2

Vulnrichment
added 2023/12/22 8:37 p.m. · 9 views

CVE-2023-50924 Stored XSS in Overview and Output fields

Engelsystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the...

CVSS 7.3 · AI score 7.4 · EPSS 0.0009
Exploits 0 · References 2

CNNVD
added 2023/12/22 12:0 a.m. · 2 views

Engelsystem Cross-Site Scripting Vulnerability

Engelsystem is an open source shift planning system from Engelsystem. A cross-site scripting vulnerability exists in versions prior to Engelsystem v3.4.1 that stems from insufficient validation of user-supplied data, allowing injection and execution of JavaScript code in another user's environmen...

CVSS 7.3 · AI score 6.8 · EPSS 0.0009
Exploits 0 · References 3

NVD
added 2023/10/17 12:15 a.m. · 13 views

CVE-2023-45659

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to a user's account, i.e., logged in and obtained a session, an attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...

CVSS 3.6 · AI score 4.1 · EPSS 0.00052
Exploits 1 · References 2

NVD
added 2023/10/17 12:15 a.m. · 7 views

CVE-2023-45152

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2.3 · AI score 3.5 · EPSS 0.00023
Exploits 1 · References 2

Prion
added 2023/10/17 12:15 a.m. · 11 views

Server side request forgery (SSRF)

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 1.4 · AI score 3.9 · EPSS 0.00023
Exploits 1 · References 2 · Affected Software 1

Prion
added 2023/10/17 12:15 a.m. · 12 views

Design/Logic Flaw

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to a user's account, i.e., logged in and obtained a session, an attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...

CVSS 1.5 · AI score 4.3 · EPSS 0.00052
Exploits 1 · References 2 · Affected Software 1

Vulnrichment
added 2023/10/16 11:34 p.m. · 13 views

CVE-2023-45152 Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2 · AI score 6.6 · EPSS 0.00023
Exploits 1 · References 2

Cvelist
added 2023/10/16 11:34 p.m. · 13 views

CVE-2023-45152 Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2 · AI score 3.8 · EPSS 0.00023
Exploits 1 · References 2

CVE
added 2023/10/16 11:34 p.m. · 40 views

CVE-2023-45152

CVE-2023-45152 applies to Engelsystem, a shift planning system. Description: a Blind SSRF in the Import schedule feature allows a local port scan against the host environment. Root cause is a server-side request forgery in the import workflow. The advisory notes the issue has been fixed in commit...

CVSS 2.3 · AI score 3.4 · EPSS 0.00023
Exploits 1 · References 2 · Affected Software 1

OSV
added 2023/10/16 11:34 p.m. · 12 views

CVE-2023-45152 Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2 · AI score 4.5 · EPSS 0.00023
Exploits 1 · References 4

Cvelist
added 2023/10/16 11:32 p.m. · 10 views

CVE-2023-45659 Session is not expiring after password reset in Engelsystem

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to a user's account, i.e., logged in and obtained a session, an attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...

CVSS 3.6 · AI score 4.4 · EPSS 0.00052
Exploits 1 · References 2

Vulnrichment
added 2023/10/16 11:32 p.m. · 12 views

CVE-2023-45659 Session is not expiring after password reset in Engelsystem

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to a user's account, i.e., logged in and obtained a session, an attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...

CVSS 3.6 · AI score 7 · EPSS 0.00052
Exploits 1 · References 2

OSV
added 2023/10/16 11:32 p.m. · 19 views

CVE-2023-45659 Session is not expiring after password reset in Engelsystem

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to a user's account, i.e., logged in and obtained a session, an attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...

CVSS 3.6 · AI score 4.9 · EPSS 0.00052
Exploits 1 · References 4

CVE
added 2023/10/16 11:32 p.m. · 41 views

CVE-2023-45659

Engelsystem is affected by CVE-2023-45659, where if a user’s password is compromised and an attacker gains access to that user’s session, the attacker’s session is not terminated after the user’s password is reset. The issue has a fix committed in dbb089315ff3d, and users are advised to update th...

CVSS 3.6 · AI score 4 · EPSS 0.00052
Exploits 1 · References 2 · Affected Software 1

Positive Technologies
added 2023/10/16 12:0 a.m. · 2 views

PT-2023-29440 · Unknown · Engelsystem

Name of the Vulnerable Software and Affected Versions: Engelsystem versions prior to the version containing commit ee7d30b33
Description: Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against t...

CVSS 2.3 · AI score 3.5 · EPSS 0.00023
Exploits 1 · References 7