EUVD-2021-23315

Malware in sbrugna...

eservices.culture.gov.bh Cross Site Scripting vulnerability OBB-3029606

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Amios Emuse-eServices/eNvoice has an unspecified vulnerability

Amios Emuse-eServices/eNvoice is an electronic invoicing service from the Israeli company Amios. It is a digital interface that simplifies the collection process and automatically sends invoices to customers via email. Amios Emuse-eServices/eNvoice suffers from a security vulnerability that stems...

Amios Emuse-eServices/eNvoice SQL Injection Vulnerability

Amios Emuse-eServices/eNvoice is an electronic invoicing service from the Israeli company Amios. It is a digital interface that simplifies the collection process and automatically sends invoices to customers via email.Amios Emuse-eServices/eNvoice suffers from a SQL injection vulnerability, which...

CVE-2021-36722

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...

CVE-2021-36723

Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service...

Sql injection

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...

CVE-2021-36722 Emuse - eServices / eNvoice SQL injection

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...

CVE-2021-36722

CVE-2021-36722 affects Emuse - eServices / eNvoice, where an SQL injection vulnerability arises from insufficient input validation. The flaw can enable attackers to bypass login authentication, dump the entire database, or potentially achieve full remote code execution on affected endpoints. The ...

CVE-2021-36723 Emuse - eServices / eNvoice Exposure Of Private Personal Information

Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service...

CVE-2021-36723

CVE-2021-36723 affects Emuse - eServices / eNvoice (Amios). The connected records describe a vulnerability caused by lack of identification mechanisms and predictable IDs, enabling an attacker to scrape all files and expose private personal information. Public sources (NVD/CNVD/etc.) reiterate ex...

Amios Emuse - eServices / eNvoice SQL注入漏洞

Amios Emuse-eServices/eNvoice is an electronic invoicing service from the Israeli company Amios. It is a digital interface that simplifies the collection process and automatically sends invoices to customers via email.Amios Emuse-eServices/eNvoice suffers from a SQL injection vulnerability, which...

Genesys PureEngage Digital Cross-Site Scripting Vulnerability

Genesys PureEngage Digital is an omni-channel customer interaction management platform from Genesys. The platform supports features such as online chat, email and SMS Short Message Service. A cross-site scripting vulnerability exists in Genesys PureEngage Digital eServices version 8.1.x. The...

CVE-2019-17176

Genesys PureEngage Digital eServices 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp ActionColor, ClientNickNameColor, Email, email, or emailaddress parameter...

eservices.digitalmailer.com XSS vulnerability

Vulnerable URL: https://eservices.digitalmailer.com/statements/c/355/estatementform.asp?account==1"...

McAfee Email Gateway Cross-Site Scripting Vulnerability (CNVD-2016-02066)

McAfee Email Gateway is an enterprise-class email security solution. A cross-site scripting vulnerability exists in McAfee Email Gateway MEG version 7.6.x prior to 7.6.404, where File Filtering is enabled and action is set to ESERVICES:REPLACE, which allows a remote attacker to inject arbitrary w...