VYPR
Vendor

Vimbadmin

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2017-6086HigJun 27, 2017
    risk 0.60cvss 8.8epss 0.02

    Multiple cross-site request forgery (CSRF) vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote attackers to hijack the authentication of logged administrators to (1) add an administrator user via a crafted POST request to <vimbadmin…

  • CVE-2017-5870MedMay 23, 2017
    risk 0.35cvss 5.4epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) transport parameter to domain/add; the (3) name parameter to mailbox/add/did/; the (4) goto parameter to…