Filtered by vendor Idattend
Subscriptions
Filtered by product Idweb
Subscriptions
Total
30 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-26584 | 1 Idattend | 1 Idweb | 2024-09-10 | 9.8 Critical |
Unauthenticated SQL injection in the GetStudentInconsistencies method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | ||||
CVE-2023-26581 | 1 Idattend | 1 Idweb | 2024-09-10 | 9.8 Critical |
Unauthenticated SQL injection in the GetVisitors method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | ||||
CVE-2023-27261 | 1 Idattend | 1 Idweb | 2024-09-10 | 5.3 Medium |
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers. | ||||
CVE-2023-27262 | 1 Idattend | 1 Idweb | 2024-09-10 | 9.8 Critical |
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | ||||
CVE-2023-26576 | 1 Idattend | 1 Idweb | 2024-08-02 | 7.5 High |
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. | ||||
CVE-2023-26575 | 1 Idattend | 1 Idweb | 2024-08-02 | 7.5 High |
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student and teacher data by unauthenticated attackers. | ||||
CVE-2023-26573 | 1 Idattend | 1 Idweb | 2024-08-02 | 8.2 High |
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials. | ||||
CVE-2023-26571 | 1 Idattend | 1 Idweb | 2024-08-02 | 7.5 High |
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and earlier allows modification of student data by unauthenticated attackers. | ||||
CVE-2023-26574 | 1 Idattend | 1 Idweb | 2024-08-02 | 7.5 High |
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. | ||||
CVE-2023-26570 | 1 Idattend | 1 Idweb | 2024-08-02 | 7.5 High |
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. |