Lucene search
K

31 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-5842

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-5838

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5837

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00305EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-5839

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00201EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/05 1:24 a.m.23 views

CVE-2025-25951

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information...

7.5CVSS6.2AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:17 a.m.17 views

CVE-2025-25953

Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information...

6.5CVSS7.2AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:7 a.m.30 views

CVE-2025-25949

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update...

5.4CVSS5.3AI score0.00305EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:7 a.m.18 views

CVE-2025-25952

An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...

6.5CVSS6.3AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:5 a.m.11 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:5 a.m.11 views

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS6.9AI score0.00327EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 1:15 a.m.8 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

5.4CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 1:15 a.m.5 views

CVE-2025-27585

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update...

5.4CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 1:15 a.m.30 views

CVE-2025-25951

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information...

7.5CVSS0.0041EPSS
Exploits0References3
NVD
NVD
added 2025/03/03 1:15 a.m.8 views

CVE-2025-25950

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

8.1CVSS0.00336EPSS
Exploits0References3
NVD
NVD
added 2025/03/03 1:15 a.m.10 views

CVE-2025-25952

An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...

6.5CVSS0.00336EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/03 12:0 a.m.4 views

PT-2025-9242

Name of the Vulnerable Software and Affected Versions Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR version 1.0.118 Description The issue is related to an Insecure Direct Object References IDOR in the component "/getStudemtAllDetailsById?studentId=XX". This allows...

6.5CVSS6.3AI score0.00336EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/03/03 12:0 a.m.12 views

CVE-2025-25950

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

0.00336EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/03 12:0 a.m.9 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

5.4AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 12:0 a.m.6 views

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

7.2AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/03 12:0 a.m.10 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

0.00201EPSS
Exploits0References1
Rows per page
Query Builder