Eramba 2.8.1 Security Vulnerabilities
eramba through c2.8.1 allows HTTP Host header injection with (for example) resultant wkhtml2pdf PDF printing by authenticated users.
CVSS Score: 4.3
EPSS Score: 0.003
Published: 2020-11-02
eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension.
CVSS Score: 5.4
EPSS Score: 0.003
Published: 2020-09-03
eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token (createHash has only a million possibilities).
CVSS Score: 9.8
EPSS Score: 0.003
Published: 2020-09-03

