Webeoc Security Vulnerabilities and Issues — Webeoc CVE List

Lucene search

Esi ProductsWebeoc

5 matches found

CVE•added 2005/07/18 4:0 a.m.•42 views

CVE-2005-2285

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.

5CVSS6.3AI score0.00539EPSS

CVE•added 2005/07/18 4:0 a.m.•39 views

CVE-2005-2282

Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before 6.0.2 allow remote attackers to inject arbitrary web script and HTML via unknown vectors.

4.3CVSS5.8AI score0.00536EPSS

CVE•added 2005/07/18 4:0 a.m.•38 views

CVE-2005-2284

Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack vectors.

7.5CVSS7.8AI score0.00477EPSS

CVE•added 2005/07/18 4:0 a.m.•38 views

CVE-2005-2286

WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct request to a resource.

10CVSS6.9AI score0.00949EPSS

CVE•added 2005/07/18 4:0 a.m.•36 views

CVE-2005-2283

WebEOC before 6.0.2 does not properly restrict the size of an uploaded file, which allows remote authenticated users to cause a denial of service (system and database resource consumption) via a large file.

2.1CVSS6.2AI score0.00139EPSS