Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Easy Test Security Vulnerabilities

cve
cve

CVE-2022-43436

The File Upload function of EasyTest has insufficient filtering for special characters and file type. A remote attacker authenticated as a general user can upload and execute arbitrary files, to manipulate system or disrupt service.

8.8CVSS

8.8AI Score

0.002EPSS

2023-01-03 03:15 AM
16
cve
cve

CVE-2022-43437

The Download functionโ€™s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database.

8.8CVSS

8.8AI Score

0.002EPSS

2023-01-03 03:15 AM
21
cve
cve

CVE-2022-43438

The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote attacker authenticated as a general user can exploit this vulnerability to bypass the intended access restrictions, to make API functions calls, manipulate system and terminate service.

8.8CVSS

8.5AI Score

0.002EPSS

2023-01-03 03:15 AM
26