CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...

9.8CVSS6.2AI score0.01443EPSS

Exploits1References2

CNNVD•added 2025/04/26 12:0 a.m.•1 views

Serosoft Solutions Academia Student Information System EagleR 安全漏洞

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR version 1.0.118, which stems from improper manipulation of the file path...

6.4CVSS6.4AI score0.01443EPSS

Exploits1References3

RedhatCVE•added 2025/03/05 1:10 a.m.•17 views

CVE-2025-25950

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

8.1CVSS6.9AI score0.00126EPSS

Exploits0References1

RedhatCVE•added 2025/03/05 1:5 a.m.•5 views

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS6.9AI score0.00079EPSS

Exploits0References1

NVD•added 2025/03/03 1:15 a.m.•7 views

CVE-2025-27583

9.1CVSS0.00079EPSS

Exploits0References1

NVD•added 2025/03/03 1:15 a.m.•4 views

CVE-2025-27585

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update...

5.4CVSS0.00105EPSS

Exploits0References1

OSV•added 2025/03/03 1:15 a.m.•0 views

CVE-2025-27583

9.1CVSS5.7AI score

Exploits0References1

OSV•added 2025/03/03 1:15 a.m.•0 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

5.4CVSS5.9AI score0.00105EPSS

Exploits0References1

OSV•added 2025/03/03 1:15 a.m.•0 views

CVE-2025-25949

5.4CVSS5.9AI score0.00175EPSS

Exploits1References3

OSV•added 2025/03/03 1:15 a.m.•1 views

CVE-2025-25948

Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS5.7AI score0.03208EPSS

Exploits1References3

NVD•added 2025/03/03 1:15 a.m.•10 views

CVE-2025-25953

Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information...

6.5CVSS0.00056EPSS

Exploits0References3

OSV•added 2025/03/03 1:15 a.m.•1 views

CVE-2025-25950

8.1CVSS5.7AI score0.00126EPSS

Exploits0References3

OSV•added 2025/03/03 1:15 a.m.•1 views

CVE-2025-25951

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information...

7.5CVSS5.8AI score0.00183EPSS

Exploits0References3

OSV•added 2025/03/03 1:15 a.m.•2 views

CVE-2025-25952

An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...

6.5CVSS5.8AI score0.00078EPSS

Exploits0References3

CNNVD•added 2025/03/03 12:0 a.m.•2 views

Serosoft Solutions Academia Student Information System EagleR 安全漏洞

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR v1.0.118, which stems from an insecure direct object reference in the...

6.5CVSS6.3AI score0.00078EPSS

Exploits0References2

Vulnrichment•added 2025/03/03 12:0 a.m.•8 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

5.4AI score0.00105EPSS

Exploits0References1

Positive Technologies•added 2025/03/03 12:0 a.m.•2 views

PT-2025-9240

Name of the Vulnerable Software and Affected Versions Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR version 1.0.118 Description The issue is related to incorrect access control in the component "/rest/staffResource/update" of the affected software, allowing unauthorize...

8.1CVSS6.5AI score0.00126EPSS

Exploits0References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by