VYPR

Web Vul

by Warmbrew

Source repositories

CVEs (7)

  • CVE-2024-44761CriAug 28, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests.

  • CVE-2024-30802CriMay 14, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component.

  • CVE-2024-44759HigNov 15, 2024
    risk 0.49cvss 7.5epss 0.00

    An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.

  • CVE-2024-42678MedAug 15, 2024
    risk 0.40cvss 6.1epss 0.00

    Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component.

  • CVE-2024-42680MedAug 15, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.

  • CVE-2024-30801MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.02

    SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component.

  • CVE-2024-39178MedJul 5, 2024
    risk 0.35cvss 5.4epss 0.00

    MyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via the component /tcpdump/tcpdump.php?menu_uuid.