Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2023/08/05 12:0 a.m.15 views

CVE-2023-33367

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution...

8.8AI score0.01068EPSS
Exploits0References2
CVE
CVE
added 2023/08/05 12:0 a.m.57 views

CVE-2023-33367

Control ID IDSecure versions 4.7.26.0 and prior are affected by a SQL injection vulnerability. The flaw allows unauthenticated attackers to write PHP files on the server’s root directory, enabling remote code execution. This is rooted in input handling in IDSecure leading to arbitrary file writes...

9.8CVSS10AI score0.01068EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/08/03 1:15 a.m.17 views

CVE-2023-33369

A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service...

9.1CVSS9.1AI score0.00743EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.13 views

CVE-2023-33368

Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes...

6.6AI score0.00541EPSS
Exploits0References2
CVE
CVE
added 2023/08/03 12:0 a.m.2499 views

CVE-2023-33368

CVE-2023-33368 affects Control ID IDSecure 4.7.26.0 and earlier. The issue concerns API routes that exfiltrate sensitive information and passwords to users accessing those routes. Impact: information disclosure (Confidentiality HIGH per CVSS). No fix version is publicly documented in the provided...

6.5CVSS6.3AI score0.00541EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder