51 matches found
CVE-2025-3984
A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java of the component...
CVE-2025-3984 Apereo CAS Groovy Code RegisteredServiceSimpleFormController.java saveService code injection
A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java of the component...
CVE-2025-3984
CVE-2025-3984 affects Apereo CAS 5.2.6. The vulnerability targets the saveService function in cas-5.2.6/webapp-mgmt/cas-management-webapp-support/src/main/java/org/apereo/cas/mgmt/services/web/RegisteredServiceSimpleFormController.java (Groovy Code Handler), enabling code injection. Reported as n...
PT-2025-18015
Name of the Vulnerable Software and Affected Versions: Apereo CAS version 5.2.6 Description: A critical issue was found, affecting the saveService function of the RegisteredServiceSimpleFormController.java file in the Groovy Code Handler component. This issue leads to code injection and can be...
CVE-2024-12661
A vulnerability was found in IObit Advanced SystemCare Ultimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack need...
CVE-2024-9907 QileCMS Verification Code Forget.php sendEmail password recovery
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated...
CVE-2024-9907
CVE-2024-9907 affects QileCMS up to version 1.1.3, specifically the Verification Code Handler’s sendEmail functionality in /qilecms/user/controller/Forget.php. The issue allows manipulation that results in weak password recovery. Attacks are described as remote, with high attack complexity and di...
CVE-2024-8339
A vulnerability was found in SourceCodester Electric Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /?page=tracks of the component Connection Code Handler. The manipulation of the argument code leads to sql injection...
CVE-2024-8339 SourceCodester Electric Billing Management System Connection Code ?page=tracks sql injection
A vulnerability was found in SourceCodester Electric Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /?page=tracks of the component Connection Code Handler. The manipulation of the argument code leads to sql injection...
CVE-2024-7704
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack...
CVE-2024-7704 Weaver e-cology Source Code ecology_dev.zip information disclosure
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack...
CVE-2024-7704
Weaver e-cology 8 is affected in the Source Code Handler component, via an issue in the file /cloudstore/ecode/setup/ecology_dev.zip. The vulnerability enables information disclosure and can be exploited remotely; exploitation has been disclosed publicly. The available connected docs do not speci...
PT-2024-38524 · Unknown · Weaver E-Cology
Name of the Vulnerable Software and Affected Versions: Weaver e-cology version 8 Description: A vulnerability was found in the Source Code Handler component of Weaver e-cology, affecting an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip. This issue leads to information...
CVE-2023-4177
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This issue affects some unknown processing of the component Multi-Factor Authentication Code Handler. The manipulation leads to information disclosure. The complexity of an attack is rather high. The...
CVE-2023-4177
CVE-2023-4177 affects EmpowerID up to version 7.205.0.0, involving unknown processing within the Multi-Factor Authentication Code Handler that can lead to information disclosure. The issue has high confidentiality impact with low attack complexity and low privileges required; exploitation is desc...
CVE-2023-2873
A vulnerability classified as critical was found in Twister Antivirus 8. This vulnerability affects the function 0x804f2143/0x804f217f/0x804f214b/0x80800043 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Local access is required to...
PT-2023-2908 · Flexihub · Flexihub
Name of the Vulnerable Software and Affected Versions: FlexiHub version 5.5.14691.0 Description: A problematic vulnerability has been found in the library fusbhub.sys of the component IoControlCode Handler, affecting the function 0x220088. This leads to a null pointer dereference. The attack must...
PT-2023-17161 · Unknown · Drivergenius
Name of the Vulnerable Software and Affected Versions: DriverGenius version 9.70.0.346 Description: A critical vulnerability has been found in DriverGenius, affecting the function 0x9C40A0D8/0x9C40A0DC/0x9C40A0E0 in the library mydrivers64.sys of the component IOCTL Handler. This manipulation lea...
CVE-2023-1646
A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to...