Sparkdevnetwork Security Vulnerabilities

CVE-2019-18641

Rock RMS before 1.8.6 mishandles vCard access control within the People/GetVCard/REST...

9.8 CVSS

9.4 AI Score

0.012 EPSS

2020-03-20 09:15 PM

CVE-2019-18643

Rock RMS versions before 8.10 and versions 9.0 through 9.3 fail to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow an attacker to...

9.8 CVSS

9.7 AI Score

0.017 EPSS

2021-01-07 09:15 PM

CVE-2019-18642

Rock RMS versions before 8.6 are vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The lack of validation and use of sequential user IDs allows any user to change account details of any other user. This vulnerability could be used to change the...

9.8 CVSS

9.3 AI Score

0.002 EPSS

2021-01-07 09:15 PM