CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/04/16 5:37 p.m.•4 views

CVE-2025-27495

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS8.1AI score0.00807EPSS

NVD•added 2025/04/16 1:15 p.m.•5 views

CVE-2025-39517

Cross-Site Request Forgery CSRF vulnerability in WP Map Plugins Basic Interactive World Map basic-interactive-world-map allows Cross Site Request Forgery.This issue affects Basic Interactive World Map: from n/a through = 2.7...

4.3CVSS0.00174EPSS

Vulnrichment•added 2025/04/16 12:45 p.m.•8 views

CVE-2025-39517 WordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

4.3CVSS8.6AI score0.00174EPSS

Cvelist•added 2025/04/16 12:45 p.m.•19 views

CVE-2025-39517 WordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

4.3CVSS0.00174EPSS

CVE•added 2025/04/16 12:0 a.m.•76 views

CVE-2025-43704

CVE-2025-43704 affects Arctera/Veritas Data Insight prior to 7.1.2. The issue allows sending cleartext credentials when the product is configured to use HTTP Basic Authentication to a Dell Isilon OneFS server. The reported remediation is to upgrade to version 7.1.2 or later. Exploit details or ac...

4.7CVSS7.2AI score0.00119EPSS

8.8CVSS8.5AI score0.00604EPSS

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateProjectCrossCommunications that can be exploited by an attacker to bypass...

8.8CVSS8.5AI score0.00604EPSS

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method LockProjectUserRights, which can be exploited by an attacker to bypass authorization...

8.8CVSS8.4AI score0.00648EPSS

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateBufferingSettings, which can be exploited by an attacker to bypa...

Positive Technologies•added 2025/04/16 12:0 a.m.•6 views

PT-2025-16823 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

9CVSS7.5AI score0.00604EPSS

Exploits0References6

Positive Technologies•added 2025/04/16 12:0 a.m.•4 views

PT-2025-16849 · Unknown · Telecontrol Server Basic

9CVSS7.5AI score0.00525EPSS

Exploits0References4

Positive Technologies•added 2025/04/16 12:0 a.m.•7 views

PT-2025-16873 · Unknown · Telecontrol Server Basic

9CVSS7.5AI score0.00525EPSS

Exploits0References7

8.8CVSS8.4AI score0.00604EPSS

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from the internally used 'UpdateProject' method. An attacker could use this vulnerability to bypass authorization...

Positive Technologies•added 2025/04/16 12:0 a.m.•5 views

PT-2025-16872 · Unknown · Telecontrol Server Basic

9CVSS7.5AI score0.00525EPSS

Exploits0References8

Positive Technologies•added 2025/04/16 12:0 a.m.•5 views

PT-2025-16851 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application, specifically through the LockTcmSettings method. This could allow an authenticated remote attacker ...

9CVSS7.4AI score0.00525EPSS

Exploits0References5

Positive Technologies•added 2025/04/16 12:0 a.m.•7 views

PT-2025-16869 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used ExportCertificate method. This could allow an authenticated remote...

9CVSS7.4AI score0.00335EPSS

Exploits0References8

Positive Technologies•added 2025/04/16 12:0 a.m.•6 views

PT-2025-16862 · Unknown · Telecontrol Server Basic

9CVSS7.5AI score0.0049EPSS

Exploits0References6

9.8CVSS8.9AI score0.00807EPSS

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to cause remote code execution...

8.8CVSS8.4AI score0.00648EPSS

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateTcmSettings, which can be exploited by an attacker to bypass...