Skip to main content

Risweb

2 CVEs product

Monthly

CVE-2024-26264 CRITICAL Act Now

EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Risweb
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-26263 HIGH This Week

EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Risweb
NVD
CVSS 3.1
7.5
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Risweb
NVD
EPSS 0% CVSS 7.5
HIGH This Week

EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Risweb
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy