
9 matches found

RedhatCVE
added 2025/05/22 11:16 p.m. · 2 views

CVE-2022-36521

Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts...

7.5 CVSS · 7 AI score · 0.00406 EPSS
Exploits: 1 · References: 1

Exploit DB
added 2023/05/02 12:0 a.m. · 259 views

OpenEMR v7.0.1 - Authentication credentials brute force

Exploit Title: OpenEMR v7.0.1 - Authentication credentials brute force Date: 2023-04-28 Exploit Author: abhhi Abhishek Birdawade Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v701.tar.gz Version: 7.0.1 Tested on: Windows ''' Example...

7.4 AI score
Exploits: 0

Positive Technologies
added 2023/02/16 12:0 a.m. · 1 views

PT-2023-1535 · Fortinet · Fortiweb

Name of the Vulnerable Software and Affected Versions: FortiWeb versions 7.0.1 and below FortiWeb version 6.4 all versions FortiWeb version 6.3.18 and below Description: The issue is related to an improper neutralization of special elements used in an OS command, which may allow a privileged...

9 CVSS · 7.2 AI score · 0.00432 EPSS
Exploits: 0 · References: 4

NVD
added 2022/08/26 2:15 p.m. · 8 views

CVE-2022-36521

Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts...

7.5 CVSS · 0.00406 EPSS
Exploits: 1 · References: 1

Prion
added 2022/08/26 2:15 p.m. · 7 views

Code injection

Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts...

5 CVSS · 7.5 AI score · 0.00406 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2022/08/26 1:52 p.m. · 47 views

CVE-2022-36521

CVE-2022-36521 affects cskefu v7.0.1, where insecure permissions allow unauthenticated attackers to arbitrarily add administrator accounts. The issue is rooted in permission checks within the application, enabling privilege escalation at the admin-creation step. Multiple sources (NVD/Red Hat/CVE ...

7.5 CVSS · 7.5 AI score · 0.00406 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2022/08/26 1:52 p.m. · 9 views

CVE-2022-36521

Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts...

7.7 AI score · 0.00406 EPSS
Exploits: 1 · References: 1

IBM Security Bulletins
added 2018/06/15 7:2 a.m. · 18 views

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM WebSphere MQ (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM WebSphere MQ. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...

5 CVSS · 1.1 AI score · 0.2382 EPSS
Exploits: 0 · Affected Software: 1

seebug.org
added 2016/05/24 12:0 a.m. · 18 views

B2Bbuilder v7.0.1 install.php design flaw allows unrestricted getshell

0x01 Vulnerability summary: B2Bbuilder v7.0.1 has a design flaw in the file install.php that allows unrestricted getshell. 0x02 Vulnerability details: /install/install.php
if ($action == "setup")
//check whether the parameters are complete
$dbhost = $_GET['dbhost'];
$port = $_GET['port'];
$dbname = $_GET['dbname'];
$dbuser = $_GET['dbuser'];
$dbpassword = $_GET['dbpassword'];
$tableprefix = $_GET['tableprefix'];
$guid =...

7.1 AI score
Exploits: 0