CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

40 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-5843

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0041EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-5836

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.00327EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-12482

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.01247EPSS

Exploits1References2

OSV•added 2025/04/26 3:15 p.m.•3 views

CVE-2024-53636

An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...

9.8CVSS6.2AI score0.01247EPSS

Exploits1References2

CNNVD•added 2025/04/26 12:0 a.m.•3 views

Serosoft Solutions Academia Student Information System EagleR 安全漏洞

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR version 1.0.118, which stems from improper manipulation of the file path...

6.4CVSS6.4AI score0.01247EPSS

Exploits1References3

RedhatCVE•added 2025/03/05 1:10 a.m.•17 views

CVE-2025-25950

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

8.1CVSS6.9AI score0.00336EPSS

Exploits0References1

RedhatCVE•added 2025/03/05 1:5 a.m.•9 views

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS6.9AI score0.00327EPSS

Exploits0References1

OSV•added 2025/03/03 1:15 a.m.•1 views

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS5.7AI score

Exploits0References1

OSV•added 2025/03/03 1:15 a.m.•5 views

CVE-2025-27584

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...

5.4CVSS5.9AI score0.00197EPSS

Exploits0References1

NVD•added 2025/03/03 1:15 a.m.•21 views

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS0.00327EPSS

Exploits0References1

NVD•added 2025/03/03 1:15 a.m.•5 views

CVE-2025-27585

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update...

5.4CVSS0.00197EPSS

Exploits0References1

NVD•added 2025/03/03 1:15 a.m.•12 views

CVE-2025-25953

Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information...

6.5CVSS0.00364EPSS

Exploits0References3

OSV•added 2025/03/03 1:15 a.m.•2 views

CVE-2025-25949

A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update...

5.4CVSS5.9AI score0.00298EPSS

Exploits1References3

OSV•added 2025/03/03 1:15 a.m.•3 views

CVE-2025-25950

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

8.1CVSS5.7AI score0.00336EPSS

Exploits0References3

OSV•added 2025/03/03 1:15 a.m.•3 views

CVE-2025-25948

Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...

9.1CVSS5.7AI score0.06577EPSS

Exploits1References3

OSV•added 2025/03/03 1:15 a.m.•3 views

CVE-2025-25951

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information...

7.5CVSS5.8AI score0.0041EPSS

Exploits0References3

OSV•added 2025/03/03 1:15 a.m.•3 views

CVE-2025-25952

An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...

6.5CVSS5.8AI score0.00336EPSS

Exploits0References3

CVE•added 2025/03/03 12:0 a.m.•115 views

CVE-2025-25953

CVE-2025-25953 affects Serosoft Solutions Pvt Ltd Academia Student Information System EagleR v1.0.118. The connected sources describe an Azure JWT access token exposure in EagleR, enabling authenticated attackers to escalate privileges and access sensitive information. The base CVSS v3.1 vector i...

6.5CVSS6.9AI score0.00364EPSS

Exploits0References3Affected Software1

CVE•added 2025/03/03 12:0 a.m.•55 views

CVE-2025-27584

CVE-2025-27584 describes a stored XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118. The issue arises when an attacker injects a crafted payload into the First Name/Print Name/User ID parameters handled by the endpoint at /rest/staffResource...

5.4CVSS5.6AI score0.00197EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/03/03 12:0 a.m.•4 views

Serosoft Solutions Academia Student Information System EagleR 安全漏洞

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR v1.0.118, which stems from improper access control and allows the creation...

9.1CVSS6.2AI score0.00327EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by