Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IdattendIdweb

12 matches found

CVE
CVEadded 2023/10/25 6:17 p.m.40 views

CVE-2023-27255

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.36 views

CVE-2023-27254

Unauthenticated SQL injection in the GetRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.32 views

CVE-2023-26569

Unauthenticated SQL injection in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00165EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.31 views

CVE-2023-27260

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.30 views

CVE-2023-26584

Unauthenticated SQL injection in the GetStudentInconsistencies method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00165EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.28 views

CVE-2023-26581

Unauthenticated SQL injection in the GetVisitors method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.27 views

CVE-2023-26582

Unauthenticated SQL injection in the GetExcursionDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.26 views

CVE-2023-26583

Unauthenticated SQL injection in the GetCurrentPeriod method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.25 views

CVE-2023-26568

Unauthenticated SQL injection in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.24 views

CVE-2023-27262

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.23 views

CVE-2023-26572

Unauthenticated SQL injection in the GetExcursionList method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

9.8CVSS9.9AI score0.00153EPSS
CVE
CVEadded 2023/10/25 6:17 p.m.23 views

CVE-2023-26573

Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.

9.1CVSS8.5AI score0.00181EPSS