mieweb 漏洞與 CVE 列表(6)

產品(CPE): — CVE 數: 6

mieweb 漏洞概覽

彙總 mieweb 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 跨站腳本與CSRF 等問題,部分漏洞可能導致 工作階段劫持,並影響 軟體部署與生產負載 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 166 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-35029 Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to add arbitrary content in the 'Demographic Information' page. This content will be rendered and executed when a victim accesses it. This issue is fixed as of 2025-03-14. 9119a7d8-5eab-497f-8521-727c672e3725 4.8 0.17% 2025-11-20 2026-06-17
CVE-2025-35034 Medical Informatics Engineering Enterprise Health has a reflected cross site scripting vulnerability in the 'portlet_user_id' URL parameter. A remote, unauthenticated attacker can craft a URL that can execute arbitrary JavaScript in the victim's browser. This issue is fixed as of 2025-03-14. 9119a7d8-5eab-497f-8521-727c672e3725 5.1 0.24% 2025-09-29 2026-06-17
CVE-2025-35033 Medical Informatics Engineering Enterprise Health has a CSV injection vulnerability that allows a remote, authenticated attacker to inject macros in downloadable CSV files. This issue is fixed as of 2025-03-14. 9119a7d8-5eab-497f-8521-727c672e3725 6.3 0.22% 2025-09-29 2026-06-17
CVE-2025-35032 Medical Informatics Engineering Enterprise Health allows authenticated users to upload arbitrary files. The impact of this behavior depends on how files are accessed. This issue is fixed as of 2025-04-08. 9119a7d8-5eab-497f-8521-727c672e3725 6.2 0.23% 2025-09-29 2026-06-17
CVE-2025-35031 Medical Informatics Engineering Enterprise Health includes the user's current session token in debug output. An attacker could convince a user to send this output to the attacker, thus allowing the attacker to impersonate that user. This issue is fixed as of 2025-04-08. 9119a7d8-5eab-497f-8521-727c672e3725 4.6 0.13% 2025-09-29 2026-06-17
CVE-2025-35030 Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and perform actions on behalf of that administrative user. This issue is fixed as of 2025-04-08. 9119a7d8-5eab-497f-8521-727c672e3725 8.6 0.18% 2025-09-29 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence