Skip to main content

C2Box

2 CVEs product

Monthly

CVE-2015-4626 HIGH POC This Week

B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure C2Box
NVD VulDB
CVSS 3.0
7.5
EPSS
0.2%
CVE-2015-4460 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 (r19171) allows remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF C2Box
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
EPSS 0% CVSS 7.5
HIGH POC This Week

B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure C2Box
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 (r19171) allows remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF C2Box
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy