CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4626

B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://packetstormsecurity.com/files/136450/C2Box-4.0.0-r19171-Validation-Bypass.html
https://packetstormsecurity.com/files/136450/C2Box-4.0.0-r19171-Validation-Bypass.html

Products affected by CVE-2015-4626

Treasuryxpress » C2box » Version: Any

cpe:2.3:a:treasuryxpress:c2box:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4626

Products

Pricing

Contact Us