CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-5328

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://becomepentester.blogspot.com/2018/01/ZUUSE-BEIMS-ContractorWeb-Privilege-Escalations-CVE-2018-5328.html
https://becomepentester.blogspot.com/2018/01/ZUUSE-BEIMS-ContractorWeb-Privilege-Escalations-CVE-2018-5328.html

Products affected by CVE-2018-5328

Beims » Contractorweb.net » Version: 5.18.0.0

cpe:2.3:a:beims:contractorweb.net:5.18.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5328

Products

Pricing

Contact Us