Vulnerabilities > CVE-2023-33558 - Unspecified vulnerability in Ocomon Project Ocomon 3.3/4.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ocomon-project

NVD

Published: 2023-10-26

Updated: 2023-11-03

Summary

An information disclosure vulnerability in the component users-grid-data.php of Ocomon before v4.0.1 allows attackers to obtain sensitive information such as e-mails and usernames.

Vulnerable Configurations

Part	Description	Count
Application	Ocomon_Project Ocomon Project Ocomon - Ocomon Project Ocomon 3.3 Ocomon Project Ocomon 4.0	5

References

https://github.com/ninj4c0d3r/OcoMon-Research
https://github.com/ninj4c0d3r/OcoMon-Research/commit/6357def478b11119270b89329fceb115f12c69fc