CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/01/07 9:30 a.m.•4 views

CVE-2019-16133

An issue was discovered in eteams OA v4.0.34. Because the session is not strictly checked, the account names and passwords of all employees in the company can be obtained by an ordinary account. Specifically, the attacker sends a jsessionid value for URIs under app/profile/summary/...

6.5CVSS6.9AI score0.00266EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-6970

Malware in sbrugna...

6.5CVSS6.6AI score0.00266EPSS

Exploits1References2

OSV•added 2019/09/09 3:15 a.m.•2 views

CVE-2019-16133

6.5CVSS6.6AI score0.00266EPSS

Exploits1References1

NVD•added 2019/09/09 3:15 a.m.•12 views

CVE-2019-16133

6.5CVSS6.5AI score0.00266EPSS

Exploits1References1

Prion•added 2019/09/09 3:15 a.m.•10 views

Code injection

4CVSS6.4AI score0.00266EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/09/09 2:4 a.m.•14 views

CVE-2019-16133

6.5AI score0.00266EPSS

Exploits1References1

CVE•added 2019/09/09 2:4 a.m.•109 views

CVE-2019-16133

The CVE-2019-16133 issue affects eteams OA v4.0.34 where session handling is not strictly checked, allowing an ordinary account to obtain account names and passwords of all employees by sending a jsessionid value for URIs under app/profile/summary/. Connected sources (Red Hat RH:CVE-2019-16133 an...

6.5CVSS6.4AI score0.00266EPSS

Exploits1References1Affected Software1

seebug.org•added 2014/08/19 12:0 a.m.•20 views

泛微eteams_oa系统越权修改任意用户信息

简要描述：泛微eteams oa系统越权修改任何新信息详细说明：进入https://www.eteams.cn/login/demo 然后登陆一个普通用户如图所示：然后鼠标点击页面尚首这个人如图所示：抓包得到一个链接： https://www.eteams.cn/profile/summary/8005824116863355409.json?=1408094249509 这时候我们记住8005824116863355409这个东西我们修改本用户资料处: 我们修改一下电话，然后抓包并且把里面的employee.id替换为8005824116863355409为:...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by