Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-23950

Malware in sbrugna...

8.8CVSS8.6AI score0.00605EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 8:55 p.m.3 views

CVE-2021-37381

Southsoft GMIS 5.0 is vulnerable to CSRF attacks. Attackers can access other users' private information such as photos through CSRF. For example: any student's photo information can be accessed through /gmis/S1/student/grgl/PotoImageShow/?bh=2. Among them, the code in 1 is a random string generat...

8.8CVSS7.2AI score0.00605EPSS
Exploits1References1
NVD
NVD
added 2021/08/06 1:15 p.m.19 views

CVE-2021-37381

Southsoft GMIS 5.0 is vulnerable to CSRF attacks. Attackers can access other users' private information such as photos through CSRF. For example: any student's photo information can be accessed through /gmis/S1/student/grgl/PotoImageShow/?bh=2. Among them, the code in 1 is a random string generat...

8.8CVSS0.00605EPSS
Exploits1References2
OSV
OSV
added 2021/08/06 1:15 p.m.4 views

CVE-2021-37381

Southsoft GMIS 5.0 is vulnerable to CSRF attacks. Attackers can access other users' private information such as photos through CSRF. For example: any student's photo information can be accessed through /gmis/S1/student/grgl/PotoImageShow/?bh=2. Among them, the code in 1 is a random string generat...

8.8CVSS5.8AI score0.00605EPSS
Exploits1References2
Prion
Prion
added 2021/08/06 1:15 p.m.16 views

Cross site request forgery (csrf)

Southsoft GMIS 5.0 is vulnerable to CSRF attacks. Attackers can access other users' private information such as photos through CSRF. For example: any student's photo information can be accessed through /gmis/S1/student/grgl/PotoImageShow/?bh=2. Among them, the code in 1 is a random string generat...

6.8CVSS8.4AI score0.00605EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/08/06 12:52 p.m.62 views

CVE-2021-37381

The CVE-2021-37381 entry concerns Southsoft GMIS 5.0, which is vulnerable to Cross-Site Request Forgery (CSRF). The exposed issue enables access to private user information (e.g., student photos) by CSRF via a crafted request to endpoints such as /gmis/(S([1]))/student/grgl/PotoImageShow/?bh=[2]....

8.8CVSS8.4AI score0.00605EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.5 views

Southsoft GMIS 跨站请求伪造漏洞

Southsoft GMIS is an information management system. A cross-site request forgery vulnerability exists in Southsoft GMIS 5.0, which arises from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could use this vulnerability to send an...

8.8CVSS7.8AI score0.00605EPSS
Exploits1References3
Rows per page
Query Builder