Filtered by vendor Omicard Edm Project
Subscriptions
Filtered by product Omicard Edm
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-32964 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-17 | 9.8 Critical |
OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service. | ||||
CVE-2022-32963 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-17 | 7.5 High |
OMICARD EDM’s mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files. | ||||
CVE-2022-35216 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-16 | 7.5 High |
OMICARD EDM’s mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files. | ||||
CVE-2022-32965 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-16 | 9.8 Critical |
OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service. |
Page 1 of 1.