Skip to main content

Utime Master

2 CVEs product

Monthly

CVE-2023-45393 MEDIUM POC This Month

An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Utime Master
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-45391 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Utime Master
NVD
CVSS 3.1
4.8
EPSS
0.4%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Utime Master
NVD
EPSS 0% CVSS 4.8
MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Utime Master
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy