All 7 CVE vulnerabilities found in rengine, with AI-generated Chinese analysis, references, and POCs.
Vendor: yogeshojha
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-58287 | reNgine 2.2.0 Authenticated Command Injection via Scan Engine Configuration CWE-78 | 8.8AI | HighAI | 2025-12-11 |
| CVE-2025-24968 | Business Logic And Unrestricted Project Deletion Lead To Take Over the System in reNgine CWE-284 | 8.8 | High | 2025-02-04 |
| CVE-2025-24967 | Stored XSS on Admin Panel When Deleting a User in reNgine CWE-79 | 5.4 | - | 2025-02-04 |
| CVE-2025-24966 | HTML Injection in reNgine CWE-79 | 5.4 | - | 2025-02-04 |
| CVE-2025-24899 | Disclosure of Sensitive User Information via API in reNgine CWE-200 | 6.5 | - | 2025-02-03 |
| CVE-2025-24962 | Command Injection in reNgine CWE-74 | 8.8 | - | 2025-02-03 |
| CVE-2024-43381 | reNgine vulnerable to Stored Cross-Site Scripting (XSS) via DNS Record Poisoning CWE-79 | 5.0 | Medium | 2024-08-16 |
All 7 known CVE vulnerabilities affecting rengine with full Chinese analysis, references, and POCs where available.