VYPR
Vendor

EBM Technologies

Products
3
CVEs
6
Across products
6
Status
Private

Products

3

Recent CVEs

6
  • CVE-2024-26264CriFeb 15, 2024
    risk 0.64cvss 9.8epss 0.01

    EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database…

  • CVE-2025-2585HigMar 21, 2025
    risk 0.57cvss 8.8epss 0.00

    EBM Maintenance Center From EBM Technologies has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents.

  • CVE-2024-26262HigFeb 15, 2024
    risk 0.57cvss 8.8epss 0.01

    EBM Technologies Uniweb/SoliPACS WebServer's query functionality lacks proper restrictions of user input, allowing remote attackers authenticated as regular user to inject SQL commands for reading, modifying, and deleting database records, as well as executing system commands.…

  • CVE-2025-11672MedOct 13, 2025
    risk 0.34cvss 5.3epss 0.00

    Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain user group names.

  • CVE-2025-11671MedOct 13, 2025
    risk 0.34cvss 5.3epss 0.00

    Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain information such as account names and IP addresses.

  • CVE-2024-26263MedFeb 15, 2024
    risk 0.34cvss 5.3epss 0.00

    EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login.