Iagona: >> Scrutisweb >> 2.1.37 Security Vulnerabilities
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-07-18
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote
code execution vulnerability that could allow an unauthenticated user to
upload a malicious payload and execute it.
CVSS Score
10.0
EPSS Score
0.003
Published
2023-07-18
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-07-18
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to an insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-18