Filtered by vendor Omicard Edm Project
Subscriptions
Filtered by product Omicard Edm
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32964 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-17 | 9.8 Critical |
| OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service. | ||||
| CVE-2022-32963 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-17 | 7.5 High |
| OMICARD EDM’s mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files. | ||||
| CVE-2022-35216 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-16 | 7.5 High |
| OMICARD EDM’s mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files. | ||||
| CVE-2022-32965 | 1 Omicard Edm Project | 1 Omicard Edm | 2024-09-16 | 9.8 Critical |
| OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service. | ||||
Page 1 of 1.