Lucene search
K

242 matches found

Cvelist
Cvelist
added 2023/10/25 10:23 a.m.28 views

CVE-2023-27260 Unauthenticated SQL Injection In IDAttend’s IDWeb Application

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.8CVSS10AI score0.00556EPSS
Exploits0References1
CVE
CVE
added 2023/10/25 10:23 a.m.51 views

CVE-2023-27260

CVE-2023-27260 affects IDAttend’s IDWeb application (versions up to 3.1.052). The connected documents describe an unauthenticated SQL injection in the GetAssignmentsDue method, allowing extraction or modification of all data. The vulnerability is network-accessible with no privileges and no user ...

9.8CVSS9.9AI score0.00556EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/25 10:23 a.m.9 views

CVE-2023-27260 Unauthenticated SQL Injection In IDAttend’s IDWeb Application

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.8CVSS8.1AI score0.00556EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 10:21 a.m.14 views

CVE-2023-27261 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers...

5.3CVSS6AI score0.00526EPSS
Exploits0References1
CVE
CVE
added 2023/10/25 10:21 a.m.45 views

CVE-2023-27261

CVE-2023-27261 affects IDAttend’s IDWeb application, version 3.1.052 and earlier. The root cause is missing authentication in the DeleteAssignments method, enabling unauthenticated actors to delete data. Reported impact states data deletion possible without credentials; CVSS bases show Medium sev...

6.5CVSS5.8AI score0.00526EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/25 10:21 a.m.18 views

CVE-2023-27261 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers...

5.3CVSS6.9AI score0.00526EPSS
Exploits0References1
CVE
CVE
added 2023/10/25 10:20 a.m.45 views

CVE-2023-27377

CVE-2023-27377 affects IDAttend’s IDWeb app (versions 3.1.052 and earlier). The root cause is missing authentication in the StudentPopupDetails_EmergencyContactDetails method, enabling unauthenticated attackers to exfiltrate sensitive student data over the network. The cvss 3.1 data indicates hig...

7.5CVSS7.7AI score0.00695EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/25 10:20 a.m.26 views

CVE-2023-27377 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the StudentPopupDetailsEmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.9AI score0.00695EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 10:20 a.m.12 views

CVE-2023-27377 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the StudentPopupDetailsEmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.7AI score0.00695EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 10:19 a.m.12 views

CVE-2023-27376 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the StudentPopupDetailsStudentDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.7AI score0.00695EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/25 10:19 a.m.19 views

CVE-2023-27376 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the StudentPopupDetailsStudentDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.9AI score0.00695EPSS
Exploits0References1
CVE
CVE
added 2023/10/25 10:19 a.m.43 views

CVE-2023-27376

CVE-2023-27376 affects IDAttend IDWeb (versions 3.1.052 and earlier). The root cause is missing authentication in the StudentPopupDetails_StudentDetails method, enabling unauthenticated attackers to extract sensitive student data. Documents indicate the vulnerability exists in IDWeb v3.1.052 and ...

7.5CVSS7.7AI score0.00695EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/25 10:18 a.m.45 views

CVE-2023-27375

The vulnerability CVE-2023-27375 affects the IDAttend IDWeb application (versions 3.1.052 and earlier). The root cause is missing authentication in the StudentPopupDetails_ContactDetails method, enabling unauthenticated attackers to extract sensitive student data. Impact is described as high conf...

7.5CVSS7.7AI score0.00695EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/25 10:18 a.m.27 views

CVE-2023-27375 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the StudentPopupDetailsContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.9AI score0.00695EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 10:18 a.m.14 views

CVE-2023-27375 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the StudentPopupDetailsContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...

7.5CVSS7.7AI score0.00695EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/25 10:17 a.m.27 views

CVE-2023-27259 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...

7.5CVSS7.9AI score0.00508EPSS
Exploits0References1
CVE
CVE
added 2023/10/25 10:17 a.m.39 views

CVE-2023-27259

IDAttend IDWeb application, versions 3.1.052 and earlier, has a vulnerability in the GetAssignmentsDue method where missing authentication allows unauthenticated extraction of sensitive student and teacher data. Root cause: incomplete access control enabling data exposure. Impact: confidential da...

7.5CVSS7.7AI score0.00508EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/25 10:17 a.m.11 views

CVE-2023-27259 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...

7.5CVSS7.7AI score0.00508EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/25 10:16 a.m.29 views

CVE-2023-27258 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student and teacher data by unauthenticated attackers...

7.5CVSS7.9AI score0.00508EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 10:16 a.m.11 views

CVE-2023-27258 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student and teacher data by unauthenticated attackers...

7.5CVSS7.7AI score0.00508EPSS
Exploits0References1
Rows per page
Query Builder