Omicard Edm Project Omicard Edm — known CVE vulnerabilities
Every CVE whose affected-product data names Omicard Edm Project Omicard Edm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-32964 — CVSS 9.8 (critical): OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL…
CVE-2022-32965 — CVSS 9.8 (critical): OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the…
CVE-2022-32963 — CVSS 7.5 (high): OMICARD EDM’s mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this…
CVE-2022-35216 — CVSS 7.5 (high): OMICARD EDM’s mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this…