Vulnerabilities > Imaworldhealth

DATE CVE VULNERABILITY TITLE RISK
2023-04-05 CVE-2023-0944 Incorrect Permission Assignment for Critical Resource vulnerability in Imaworldhealth Bhima 1.27.0
Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitrary user session data such as username, email and password.
network | low complexity | imaworldhealth | CWE-732 | Risk: 4.3
2023-04-05 CVE-2023-0959 Improper Privilege Management vulnerability in Imaworldhealth Bhima 1.27.0
Bhima version 1.27.0 allows a remote attacker to update the privileges of any account registered in the application via a malicious link sent to an administrator.
network | low complexity | imaworldhealth | CWE-269 | Risk: 6.5
2023-04-05 CVE-2023-0967 Authorization Bypass Through User-Controlled Key vulnerability in Imaworldhealth Bhima 1.27.0
Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view sensitive data of other application users and data that should only be viewed by the administrator.
network | low complexity | imaworldhealth | CWE-639 | Risk: 6.5