Celk Saude

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2024-55198 MEDIUM POC This Month

User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Celk Saude
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-51182 MEDIUM POC This Month

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Celk Saude
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-48761 HIGH POC This Week

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Celk Saude
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-55198
EPSS 0% CVSS 5.3
MEDIUM POC This Month

User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Celk Saude
NVD GitHub
CVE-2024-51182
EPSS 0% CVSS 6.1
MEDIUM POC This Month

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Celk Saude
NVD GitHub
CVE-2024-48761
EPSS 1% CVSS 8.8
HIGH POC This Week

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Celk Saude
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy