Engelsystem
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50924 | Hig | 0.00 | 7.3 | 0.00 | Dec 22, 2023 | Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log… | ||
| CVE-2023-45659 | Low | 0.00 | 3.6 | 0.00 | Oct 17, 2023 | Engelsystem is a shift planning system for chaos events. If a users' password is compromised and an attacker gained access to a users' account, i.e., logged in and obtained a session, an attackers' session is not terminated if the users' account password is reset. This… | ||
| CVE-2023-45152 | Low | 0.00 | 2.0 | 0.00 | Oct 17, 2023 | Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators… | ||
| CVE-2018-19182 | Hig | 0.00 | 8.8 | 0.01 | Dec 26, 2018 | Engelsystem before commit hash 2e28336 allows CSRF. |
- risk 0.00cvss 7.3epss 0.00
Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log…
- risk 0.00cvss 3.6epss 0.00
Engelsystem is a shift planning system for chaos events. If a users' password is compromised and an attacker gained access to a users' account, i.e., logged in and obtained a session, an attackers' session is not terminated if the users' account password is reset. This…
- risk 0.00cvss 2.0epss 0.00
Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators…
- risk 0.00cvss 8.8epss 0.01
Engelsystem before commit hash 2e28336 allows CSRF.