CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

61 matches found

CVE-2026-10597

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS

Exploits0References2

CVE•added 11 hours ago•6 views

CVE-2026-10597

Affected product/vendor: OMICARD EDM — ITPison. Vulnerability: Insecure Direct Object Reference (IDOR) that allows unauthenticated remote attackers to modify a specific parameter to obtain a user’s email address. Impact (as described): Unauthorized disclosure of user email information due to IDOR...

6.9CVSS5.8AI score

Exploits0References2

EUVD•added 11 hours ago•4 views

EUVD-2026-34196

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS5.8AI score

Exploits0References2

Positive Technologies•added 13 hours ago•4 views

PT-2026-46130

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...

6.9CVSS5.8AI score

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-44462

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00225EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-38108

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00603EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-36031

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02552EPSS

Exploits0References2

NVD•added 2024/05/15 3:15 a.m.•7 views

CVE-2024-4894

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery SSRF attacks. This vulnerability enables attackers to probe internal network information...

5.3CVSS5.4AI score0.00225EPSS

Exploits0References2

CVE•added 2024/05/15 2:53 a.m.•18 views

CVE-2024-4894

The CVE-2024-4894 entry concerns ITPison OMICARD EDM and describes an SSRF flaw caused by improper filtering of specific URL parameters. Unauthenticated remote attackers can modify parameters to trigger Server-Side Request Forgery, enabling probing of internal network information. Connected sourc...

5.3CVSS7AI score0.00225EPSS

Exploits0References2

Cvelist•added 2024/05/15 2:53 a.m.•7 views

CVE-2024-4894 ITPison OMICARD EDM - Server-Side Request Forgery

5.3CVSS5.7AI score0.00225EPSS

Exploits0References2

Vulnrichment•added 2024/05/15 2:53 a.m.•12 views

CVE-2024-4894 ITPison OMICARD EDM - Server-Side Request Forgery

5.3CVSS7.1AI score0.00225EPSS

Exploits0References2

CNNVD•added 2024/05/15 12:0 a.m.•2 views

ITPison OMICARD EDM 代码问题漏洞

ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from China-based ITPison. A code issue vulnerability exists in ITPison OMICARD EDM versions prior to v6.0 that stems from the inability to properly filter specific URL parameters, which allows an unauthenticated,...

5.3CVSS7.1AI score0.00225EPSS

Exploits0References3

NVD•added 2023/12/15 5:15 a.m.•9 views

CVE-2023-48373

ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

7.5CVSS0.00102EPSS

Exploits0References1

NVD•added 2023/12/15 5:15 a.m.•6 views

CVE-2023-48372

ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database...

9.8CVSS0.00674EPSS

Exploits0References1

OSV•added 2023/12/15 5:15 a.m.•2 views

CVE-2023-48372

9.8CVSS6AI score

Exploits0References1

Prion•added 2023/12/15 5:15 a.m.•16 views

Path traversal

5CVSS7.7AI score0.00102EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/12/15 4:27 a.m.•9 views

CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal

7.5CVSS7.8AI score0.00102EPSS

Exploits0References1

Cvelist•added 2023/12/15 4:27 a.m.•10 views

CVE-2023-48373 ITPison OMICARD EDM 's SMS - Path Traversal

7.5CVSS8AI score0.00102EPSS

Exploits0References1

CVE•added 2023/12/15 4:27 a.m.•46 views

CVE-2023-48373

CVE-2023-48373 concerns ITPison OMICARD EDM, where a path traversal flaw exists in the FileName parameter of a specific function. An unauthenticated remote attacker can exploit this to bypass authentication and download arbitrary system files. Public records tie this to ITPison OMICARD EDM v6.0.1...

7.5CVSS7.8AI score0.00102EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/12/15 4:18 a.m.•11 views

CVE-2023-48372 ITPison OMICARD EDM 's SMS - SQL Injection

9.8CVSS10AI score0.00674EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by