Every CVE whose affected-product data names Itpison Omicard Edm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-32753 — CVSS 9.8 (critical): OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can…
CVE-2023-48371 — CVSS 9.8 (critical): ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker…
CVE-2023-48372 — CVSS 9.8 (critical): ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this…
CVE-2023-48373 — CVSS 7.5 (high): ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated…
CVE-2023-28700 — CVSS 6.8 (medium): OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker…