Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
esi products webeoc 6.0.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-2282
Multiple cross-site scripting (XSS) vulnerabilities in WebEOC prior to 6.0.2 allow remote malicious users to inject arbitrary web script and HTML via unknown vectors.
Esi Products Webeoc 6.0.2
7.5
CVSSv2
CVE-2005-2284
Multiple SQL injection vulnerabilities in WebEOC prior to 6.0.2 allow remote malicious users to modify SQL statements via unknown attack vectors.
Esi Products Webeoc
10
CVSSv2
CVE-2005-2286
WebEOC prior to 6.0.2 does not properly check user authorization, which allows remote malicious users to gain privileges via a direct request to a resource.
Esi Products Webeoc
4
CVSSv2
CVE-2005-4002
WebEOC prior to 6.0.2 uses the same secret key for all installations, which allows attackers with the key to decrypt data from any WebEOC installation.
Esi Products Webeoc
2.1
CVSSv2
CVE-2005-2283
WebEOC prior to 6.0.2 does not properly restrict the size of an uploaded file, which allows remote authenticated users to cause a denial of service (system and database resource consumption) via a large file.
Esi Products Webeoc
5
CVSSv2
CVE-2005-2285
WebEOC prior to 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote malicious users to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.
Esi Products Webeoc
5
CVSSv2
CVE-2005-4029
WebEOC prior to 6.0.2 allows remote malicious users to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.
Esi Products Webeoc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started