Lucene search
K
CelkCelk Saude

4 matches found

CVE
CVE
added 2025/01/29 12:0 a.m.56 views

CVE-2024-48761

CVE-2024-48761 affects Celk Saude v3.1.252.1 and is a reflected XSS vulnerability exploitable via the erro parameter, allowing remote injection of JavaScript. Several connected sources confirm the same issue and describe improper validation/sanitization of the erro input as the root cause. Impact...

8.8CVSS8.9AI score0.00552EPSS
CVE
CVE
added 2025/01/29 12:0 a.m.54 views

CVE-2024-51182

CVE-2024-51182 affects Celk Sistemas Celk Saude v3.1.252.1. The vulnerability is an HTML injection via the erro parameter, enabling a remote attacker to inject arbitrary HTML code and potentially manipulate renderings. CVSS 3.1 base score 6.1 (Network, Privileges None, User Interaction Required; ...

6.1CVSS6.5AI score0.00316EPSS
CVE
CVE
added 2025/03/13 12:0 a.m.50 views

CVE-2024-55198

CVE-2024-55198 affects Celk Sistemas Celk Saude v3.1.252.1. The vulnerability arises from discrepancies in error messages in the password recovery flow, enabling a remote attacker to enumerate existing users. Impact is user enumeration; no additional exploit details or exploitation status are pro...

5.3CVSS6.8AI score0.00421EPSS
CVE
CVE
added 2025/03/10 12:0 a.m.46 views

CVE-2024-55199

CVE-2024-55199 describes a Stored XSS in Celk Sistemas Celk Saude v3.1.252.1. The vulnerability allows an attacker to embed JavaScript inside a PDF uploaded via the file-upload feature; when the PDF is rendered, the script executes in the user’s browser. Affected product/version: Celk Saude v3.1....

5.4CVSS6AI score0.00291EPSS