4 matches found
CVE-2025-41099
CVE-2025-41099 describes an insecure direct object reference in Bold Workplanner before version 2.5.25 (build 4935b438f9b). The issue arises from insufficient input validation, allowing an authenticated user to access the internal list of permissions using unauthorized internal identifiers, with ...
CVE-2023-43317
An issue in Coign CRM Portal v.06.06 allows a remote attacker to escalate privileges via the userPermissionsList parameter in Session Storage component...
Coign CRM Portal Security Vulnerability
Coign CRM Portal is a customer relationship management system from Coign, Inc. A security vulnerability in Coign CRM Portal version v.06.06 allows remote attackers to escalate privileges via the userPermissionsList parameter in the Session Storage component...
PT-2024-13080 · Unknown · Coign CRM Portal
Name of the Vulnerable Software and Affected Versions: Coign CRM Portal version 06.06
Description: An issue in the software allows a remote attacker to escalate privileges via the userPermissionsList parameter in the Session Storage component.
Recommendations: For Coign CRM Portal version 06.06,...