Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Omicard_edm
(Omicard_edm_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-04 | CVE-2022-32963 | OMICARD EDM’s mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files. | Omicard_edm | N/A | ||
| 2022-08-04 | CVE-2022-32964 | OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service. | Omicard_edm | N/A | ||
| 2022-08-04 | CVE-2022-32965 | OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service. | Omicard_edm | N/A | ||
| 2022-08-04 | CVE-2022-35216 | OMICARD EDM’s mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files. | Omicard_edm | N/A |