Skip to main content

Smart Evision

7 CVEs product

Monthly

CVE-2022-39035 MEDIUM This Month

Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Smart Evision
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-39034 MEDIUM This Month

Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Smart Evision
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-39033 CRITICAL Act Now

Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Smart Evision
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-39032 HIGH This Week

Smart eVision has an improper privilege management vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Smart Evision
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-39031 MEDIUM This Month

Smart eVision has insufficient authorization for task acquisition function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smart Evision
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-39030 HIGH This Week

smart eVision has inadequate authorization for system information query function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smart Evision
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-39029 MEDIUM This Month

Smart eVision has inadequate authorization for the database query function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Smart Evision
NVD
CVSS 3.1
6.5
EPSS
0.7%
EPSS 1% CVSS 6.1
MEDIUM This Month

Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Smart Evision
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Smart Evision
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Smart Evision
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Smart eVision has an improper privilege management vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Smart Evision
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Smart eVision has insufficient authorization for task acquisition function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smart Evision
NVD
EPSS 1% CVSS 7.5
HIGH This Week

smart eVision has inadequate authorization for system information query function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smart Evision
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Smart eVision has inadequate authorization for the database query function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Smart Evision
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy