98 matches found
CVE-2025-55462
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...
CVE-2025-55462
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...
CVE-2025-55462
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...
PT-2026-2470
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...
CVE-2025-55462
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...
CVE-2025-55462
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...
Eramba CommunityåEramba Enterprise å®å Øę¼ę“
Eramba Community and Eramba Enterprise are both a compliance management software from Eramba UK. A security vulnerability exists in Eramba Community and Eramba Enterprise version 3.26.0 that stems from a CORS misconfiguration and could lead to session hijacking and data exfiltration...
CVE-2025-55462
Eramba Community/Enterprise Editions v3.26.0 are affected by a CORS misconfiguration that reflects an attacker-controlled Origin header in Access-Control-Allow-Origin with Access-Control-Allow-Credentials: true. This enables authenticated cross-origin requests from malicious sites to endpoints su...
Exploit for CVE-2025-55462
CVE-2025-55462 --- Vulnerability Summary A CORS misconf...
š Eramba GRC 3.19.1 Command Injection
Eramba GRC platform version 3.19.1 proof of concept command injection exploit. ============================================================================================================================================= | Title : Eramba GRC platform 3.19.1 Command injection in download-test-pdf...
EUVD-2018-19606
Malware in sbrugna...
EUVD-2018-19709
Malware in sbrugna...
EUVD-2020-17796
Malware in sbrugna...
EUVD-2020-17795
Malware in sbrugna...
EUVD-2020-20522
Malware in sbrugna...
EUVD-2018-19708
Malware in sbrugna...
EUVD-2018-19456
Malware in sbrugna...
EUVD-2024-24788
Malicious code in bioql PyPI...
EUVD-2022-46381
Malicious code in bioql PyPI...
CVE-2023-36255
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL...