Lucene search
K

65 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.8 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

9.8CVSS7.6AI score0.00952EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:5 a.m.9 views

CVE-2023-37798

A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...

5.4CVSS5.6AI score0.00452EPSS
Exploits1References1
Schneier on Security
Schneier on Security
added 2025/02/14 5:5 p.m.7 views

Friday Squid Blogging: Squid the Care Dog

The Vanderbilt University Medical Center has a pediatric care dog named "Squid." Blog moderation policy...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.166 views

JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure', 'Description' = %q SIEMENS IP-Camera CVMS2025-IR + CCMS2025, JVC IP-Camera...

7.4AI score
Exploits0
NVD
NVD
added 2024/03/21 2:48 a.m.17 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

9.8CVSS7.1AI score0.00952EPSS
Exploits1References2
OSV
OSV
added 2024/03/21 2:48 a.m.4 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

6.5CVSS5.9AI score0.00952EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/03/21 2:48 a.m.5 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

9.8CVSS5.8AI score0.00952EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.3 views

Vanderbilt REDCap 安全漏洞

REDCap is a data collection and management web application. A security vulnerability exists in Vanderbilt REDCap prior to v.13.8.0, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to gain access to sensitive information via a password reset...

9.8CVSS7.9AI score0.00952EPSS
Exploits1References3
Prion
Prion
added 2024/03/14 11:51 p.m.43 views

Sql injection

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

8.1AI score0.00952EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/06 12:0 a.m.6 views

PT-2024-12765 · Vanderbilt · Redcap

Name of the Vulnerable Software and Affected Versions: Vanderbilt REDCap versions prior to 13.8.0 Description: A SQL injection issue allows a remote attacker to obtain sensitive information via the password reset mechanism in the MyCapMobileApp/update.php endpoint, specifically through the passwo...

9.8CVSS7.6AI score0.00952EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.15 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

7.4AI score0.00952EPSS
Exploits1References2
CVE
CVE
added 2024/03/06 12:0 a.m.46 views

CVE-2023-38825

Summary: CVE-2023-38825 is a SQL injection vulnerability in Vanderbilt REDCap prior to v13.8.0, exposed via the MyCapMobileApp/update.php password-reset endpoint. Affected software: Vanderbilt REDCap (pre-13.8.0). Root cause/impact: improper input handling in the password-reset path allows a remo...

9.8CVSS7.4AI score0.00952EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/06 12:0 a.m.13 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...

7.5AI score0.00952EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2024/02/28 3:7 p.m.10 views

vanderbiltestates.dental Cross Site Scripting vulnerability OBB-3861420

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/01/23 7:21 p.m.8 views

as.vanderbilt.edu Cross Site Scripting vulnerability OBB-3841621

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/09/07 7:15 p.m.5 views

CVE-2023-37798

A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...

5.4CVSS6.2AI score0.00452EPSS
Exploits1References4
NVD
NVD
added 2023/09/07 7:15 p.m.13 views

CVE-2023-37798

A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...

5.4CVSS5.3AI score0.00452EPSS
Exploits1References3
OSV
OSV
added 2023/09/07 7:15 p.m.8 views

CVE-2023-37798

A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...

5.4CVSS5.9AI score0.00452EPSS
Exploits1References3
Prion
Prion
added 2023/09/07 7:15 p.m.18 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...

4.9CVSS5.3AI score0.00452EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/07 12:0 a.m.9 views

CVE-2023-37798

A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...

5.6AI score0.00452EPSS
Exploits1References3
Rows per page
Query Builder