VYPR
Vendor

Engelsystem

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2023-50924HigDec 22, 2023
    risk 0.00cvss 7.3epss 0.00

    Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log…

  • CVE-2023-45659LowOct 17, 2023
    risk 0.00cvss 3.6epss 0.00

    Engelsystem is a shift planning system for chaos events. If a users' password is compromised and an attacker gained access to a users' account, i.e., logged in and obtained a session, an attackers' session is not terminated if the users' account password is reset. This…

  • CVE-2023-45152LowOct 17, 2023
    risk 0.00cvss 2.0epss 0.00

    Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators…

  • CVE-2018-19182HigDec 26, 2018
    risk 0.00cvss 8.8epss 0.01

    Engelsystem before commit hash 2e28336 allows CSRF.