First published: Wed Oct 02 2024(Updated: )
The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP.
Credit: disclosure@vulncheck.com
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.