CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files...

7.5CVSS8AI score0.01684EPSS

Exploits0References1

Vulnrichment•added 2022/10/18 5:40 a.m.•5 views

CVE-2022-39057 Changing Information Technology Inc. RAVA certificate validation system - Command Injection

RAVA certificate validation system has insufficient filtering for special parameter of the web page input field. A remote attacker with administrator privilege can exploit this vulnerability to perform arbitrary system command and disrupt service...

7.2CVSS7.5AI score0.00686EPSS

Exploits0References1

Vulnrichment•added 2022/10/18 5:40 a.m.•7 views

CVE-2022-39056 Changing Information Technology Inc. RAVA certificate validation system - SQL Injection

RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database...

9.8CVSS7.9AI score0.0076EPSS

Exploits0References1

Cvelist•added 2022/10/18 5:40 a.m.•12 views

CVE-2022-39056 Changing Information Technology Inc. RAVA certificate validation system - SQL Injection

RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database...

9.8CVSS10AI score0.0076EPSS

Exploits0References1

Vulnrichment•added 2022/10/18 5:40 a.m.•9 views

CVE-2022-39055 Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response...

5.3CVSS7.2AI score0.0041EPSS

Exploits0References1

Cvelist•added 2022/10/18 5:40 a.m.•14 views

CVE-2022-39055 Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)

5.3CVSS5.7AI score0.0041EPSS

Exploits0References1

CNNVD•added 2022/10/18 12:0 a.m.•2 views

Changing Information Technology RAVA certificate validation system SQL注入漏洞

Changing Information Technology RAVA certificate validation system Panorama Software RAVA certificate validation system website is a credential validation system from China-based Changing Information Technology. The Panorama Software RAVA certificate validation system suffers from a SQL injection...

9.8CVSS8.7AI score0.0076EPSS

Exploits0References3

Positive Technologies•added 2022/10/18 12:0 a.m.•5 views

PT-2022-24702 · Unknown · Rava Certificate Validation System

Name of the Vulnerable Software and Affected Versions: RAVA certificate validation system affected versions not specified Description: The issue is related to insufficient filtering for a special parameter of the web page input field in the RAVA certificate validation system. A remote attacker wi...

7.2CVSS7AI score0.00686EPSS

Exploits0References3

Positive Technologies•added 2022/10/18 12:0 a.m.•4 views

PT-2022-24700 · Unknown · Rava Certificate Validation System

Name of the Vulnerable Software and Affected Versions: RAVA certificate validation system affected versions not specified Description: The RAVA certificate validation system has inadequate filtering for the URL parameter, allowing an unauthenticated remote attacker to perform a Server-Side Reques...

5.3CVSS5.2AI score0.0041EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by