Skip to main content

Maarch Rm

3 CVEs product

Monthly

CVE-2022-37772 HIGH POC This Week

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Maarch Rm
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-37774 MEDIUM This Month

There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Maarch Rm
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-37773 MEDIUM POC This Month

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Maarch Rm
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
EPSS 1% CVSS 7.5
HIGH POC This Week

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Maarch Rm
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Maarch Rm
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Maarch Rm
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy