Excellium Services
Products (5)
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs (5)

| CVE | Vendor / Product | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-32017 | | Critical | 0.64 | 9.9 | 0.01 | | Aug 3, 2021 | An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files. |
| CVE-2021-38618 | | High | 0.48 | 7.4 | 0.01 | | Oct 4, 2021 | In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement. |
| CVE-2023-35792 | | Medium | 0.35 | 5.4 | 0.00 | | Jul 31, 2023 | Vound Intella Connect 2.6.0.3 is vulnerable to stored Cross-site Scripting (XSS). |
| CVE-2022-30332 | | Medium | 0.35 | 5.3 | 0.01 | | Jan 10, 2023 | In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. This allows remote attackers to enumerate accounts via… |
| CVE-2020-28402 | | Medium | 0.35 | 5.4 | 0.01 | | Jan 29, 2021 | An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel. |