Skip to main content

Integria Ims

7 CVEs product

Monthly

CVE-2021-3834 MEDIUM This Month

Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Integria Ims
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-3833 CRITICAL Act Now

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integria Ims
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-3832 CRITICAL Act Now

Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Integria Ims
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2019-15091 CRITICAL Act Now

filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Integria Ims
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-1000812 HIGH POC PATCH This Week

Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure PHP Integria Ims
NVD GitHub
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-19829 MEDIUM POC This Month

Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Integria Ims
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
1.9%
CVE-2018-19828 MEDIUM POC This Month

Artica Integria IMS 5.0.83 has XSS via the search_string parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Integria Ims
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
2.3%
EPSS 1% CVSS 6.1
MEDIUM This Month

Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Integria Ims
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integria Ims
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Integria Ims
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Integria Ims
NVD
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure PHP Integria Ims
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Integria Ims
NVD Exploit-DB
EPSS 2% CVSS 6.1
MEDIUM POC This Month

Artica Integria IMS 5.0.83 has XSS via the search_string parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Integria Ims
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy