Skip to main content

Client Dashboard

6 CVEs product

Monthly

CVE-2024-47656 CRITICAL Act Now

This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Client Dashboard
NVD
CVSS 4.0
9.3
EPSS
0.5%
CVE-2024-47655 HIGH This Week

This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files being uploaded other than the specified extension. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Client Dashboard
NVD
CVSS 4.0
8.6
EPSS
0.7%
CVE-2024-47654 HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Client Dashboard
NVD
CVSS 4.0
7.1
EPSS
0.5%
CVE-2024-47653 HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for modification and cancellation requests through certain API endpoints. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Client Dashboard
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-47652 HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to implementation of inadequate authentication mechanism in the login module wherein access to any users account is granted with just their. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Client Dashboard
NVD
CVSS 4.0
7.6
EPSS
0.4%
CVE-2024-47651 HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Client Dashboard
NVD
CVSS 4.0
7.1
EPSS
0.4%
EPSS 1% CVSS 9.3
CRITICAL Act Now

This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Client Dashboard
NVD
EPSS 1% CVSS 8.6
HIGH This Week

This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files being uploaded other than the specified extension. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Client Dashboard
NVD
EPSS 0% CVSS 7.1
HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Client Dashboard
NVD
EPSS 0% CVSS 7.1
HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for modification and cancellation requests through certain API endpoints. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Client Dashboard
NVD
EPSS 0% CVSS 7.6
HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to implementation of inadequate authentication mechanism in the login module wherein access to any users account is granted with just their. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Client Dashboard
NVD
EPSS 0% CVSS 7.1
HIGH This Week

This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Client Dashboard
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy