Lucene search
K

21 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

ITPison OMICARD EDM 安全漏洞

ITPison OMICARD EDM is a high-speed electronic newspaper EDM marketing distribution system developed by the Chinese company ITPison. ITPison OMICARD EDM has a security vulnerability that stems from insecure direct object references. This vulnerability could allow unauthorized remote attackers to...

6.9CVSS5.4AI score0.00244EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-44462

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00454EPSS
Exploits0References2
NVD
NVD
added 2024/05/15 3:15 a.m.10 views

CVE-2024-4894

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery SSRF attacks. This vulnerability enables attackers to probe internal network information...

5.3CVSS5.4AI score0.00454EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/15 2:53 a.m.14 views

CVE-2024-4894 ITPison OMICARD EDM - Server-Side Request Forgery

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery SSRF attacks. This vulnerability enables attackers to probe internal network information...

5.3CVSS7.1AI score0.00454EPSS
Exploits0References2
CVE
CVE
added 2024/05/15 2:53 a.m.27 views

CVE-2024-4894

The CVE-2024-4894 entry concerns ITPison OMICARD EDM and describes an SSRF flaw caused by improper filtering of specific URL parameters. Unauthenticated remote attackers can modify parameters to trigger Server-Side Request Forgery, enabling probing of internal network information. Connected sourc...

5.3CVSS7AI score0.00454EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/15 2:53 a.m.15 views

CVE-2024-4894 ITPison OMICARD EDM - Server-Side Request Forgery

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery SSRF attacks. This vulnerability enables attackers to probe internal network information...

5.3CVSS5.7AI score0.00454EPSS
Exploits0References2
NVD
NVD
added 2023/12/15 5:15 a.m.11 views

CVE-2023-48373

ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

7.5CVSS0.01314EPSS
Exploits0References1
OSV
OSV
added 2023/12/15 5:15 a.m.5 views

CVE-2023-48372

ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...

9.8CVSS6AI score0.01062EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 5:15 a.m.17 views

CVE-2023-48372

ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...

9.8CVSS0.01062EPSS
Exploits0References1
Prion
Prion
added 2023/12/15 5:15 a.m.21 views

Path traversal

ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

5CVSS7.7AI score0.01314EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/15 4:27 a.m.11 views

CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal

ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

7.5CVSS8AI score0.01314EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/15 4:27 a.m.11 views

CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal

ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

7.5CVSS7.8AI score0.01314EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/15 4:18 a.m.23 views

CVE-2023-48372 ITPison OMICARD EDM 's SMS - SQL Injection

ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...

9.8CVSS10AI score0.01062EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 4:15 a.m.9 views

CVE-2023-48371

ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service...

9.8CVSS0.00961EPSS
Exploits0References1
OSV
OSV
added 2023/12/15 4:15 a.m.5 views

CVE-2023-48371

ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service...

9.8CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 2023/12/15 4:11 a.m.15 views

CVE-2023-48371 ITPison OMICARD EDM 's SMS - Arbitrary File Upload

ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service...

9.8CVSS9.9AI score0.00961EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.3 views

ITPison OMICARD EDM Path Traversal Vulnerability

ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from China's ITPison. A path traversal vulnerability exists in ITPison OMICARD EDM v6.0.1.5, which originates from a path traversal on a specific page, and can be exploited by a remote attacker to bypass...

7.5CVSS7.2AI score0.01314EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/16 12:0 a.m.5 views

PT-2023-7872 · Unknown · Itpison Omicard Edm

Name of the Vulnerable Software and Affected Versions: ITPison OMICARD EDM affected versions not specified Description: The file uploading function in ITPison OMICARD EDM does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this issue to uploa...

9.8CVSS9.7AI score0.00961EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/06/16 12:0 a.m.7 views

ITPison OMICARD EDM 代码问题漏洞

ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from China-based ITPison. A code issue vulnerability exists in ITPison OMICARD EDM that stems from the file upload feature not restricting the upload of dangerous types of files...

9.8CVSS8.4AI score0.00928EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.7 views

ITPison OMICARD EDM 代码问题漏洞

ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from the Chinese company ITPison. ITPison OMICARD EDM suffers from a code issue vulnerability that originates from an unrestricted dangerous type file upload vulnerability, which can be exploited by an attacker...

6.8CVSS7.1AI score0.00328EPSS
Exploits0References2
Rows per page
Query Builder