Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evergreen-ils evergreen 2.7.4 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-2204
Evergreen prior to 2.5.9, 2.6.x prior to 2.6.7, and 2.7.x prior to 2.7.4 allows remote malicious users to bypass an intended access restriction and obtain sensitive information about org unit settings by leveraging failure of open-ils.actor.ou_setting.ancestor_default to enforce ...
Evergreen-ils Evergreen
4
CVSSv2
CVE-2013-7435
The open-ils.pcrud endpoint in Evergreen prior to 2.5.9, 2.6.x prior to 2.6.7, and 2.7.x prior to 2.7.4 allows remote malicious users to obtain sensitive settings history information by leveraging lack of user permission for retrieval in fm_IDL.xml.
Evergreen-ils Evergreen
4
CVSSv2
CVE-2015-2203
Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL.
Evergreen-ils Evergreen 2.7.4
Evergreen-ils Evergreen 2.6.7
Evergreen-ils Evergreen 2.5.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started