Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2025-8004

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00294EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-7993

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00431EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/03/26 7:15 p.m.7 views

CVE-2025-2706

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has...

6.5CVSS7.1AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/26 4:17 p.m.6 views

CVE-2025-2705

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7.1AI score0.00431EPSS
Exploits0References1
NVD
NVD
added 2025/03/24 7:15 p.m.6 views

CVE-2025-2706

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has...

6.5CVSS0.00294EPSS
Exploits0References4
CVE
CVE
added 2025/03/24 6:31 p.m.83 views

CVE-2025-2706

CVE-2025-2706 affects Digiwin ERP 5.0.1. The vulnerability resides in an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx, where manipulation of the argument File leads to unrestricted upload. This allows a remote attacker to upload arbitrary files, with impact on confidentiality...

6.5CVSS7AI score0.00294EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/24 6:31 p.m.10 views

CVE-2025-2706 Digiwin ERP UploadAjaxAPI.ashx unrestricted upload

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has...

6.5CVSS7AI score0.00294EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/24 6:31 p.m.14 views

CVE-2025-2706 Digiwin ERP UploadAjaxAPI.ashx unrestricted upload

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has...

6.5CVSS0.00294EPSS
Exploits0References4
NVD
NVD
added 2025/03/24 4:15 p.m.8 views

CVE-2025-2705

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS0.00431EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/24 4:0 p.m.14 views

CVE-2025-2705 Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted upload

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS0.00431EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/03/24 4:0 p.m.9 views

CVE-2025-2705 Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted upload

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7AI score0.00431EPSS
Exploits0References5
CVE
CVE
added 2025/03/24 4:0 p.m.78 views

CVE-2025-2705

Summary: CVE-2025-2705 affects Digiwin ERP 5.1, specifically the DoUpload/DoWebUpload handler in /Api/FileUploadApi.ashx. The vulnerability arises from manipulation of the File argument, enabling unrestricted file uploads over a remote attack. The exploit has been disclosed publicly. Multiple con...

7.5CVSS7AI score0.00431EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/24 12:0 a.m.2 views

Digiwin ERP 代码问题漏洞

Digiwin ERP is an e-commerce platform from China Dingxin Digiwin. A code issue vulnerability exists in Digiwin ERP version 5.1, which originates from an unrestricted upload and could lead to a remote attack...

7.5CVSS7.6AI score0.00431EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/03/24 12:0 a.m.2 views

Digiwin ERP 代码问题漏洞

Digiwin ERP is an e-commerce platform from China Dingxin Digiwin. A code issue vulnerability exists in Digiwin ERP version 5.0.1, which originates from an unrestricted upload and could lead to a remote attack...

6.5CVSS6.7AI score0.00294EPSS
Exploits0References5
Rows per page
Query Builder