Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29037

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00385EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/14 11:22 a.m.13 views

CVE-2025-10267

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side...

6.9CVSS7.3AI score0.00385EPSS
Exploits0References1
NVD
NVD
added 2025/09/12 11:15 a.m.3 views

CVE-2025-10267

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side...

6.9CVSS0.00385EPSS
Exploits0References2
CVE
CVE
added 2025/09/12 10:24 a.m.14 views

CVE-2025-10267

CVE-2025-10267 affects the NUP Portal by NewType Infortech. The issue is missing authentication, allowing unauthenticated remote attackers to upload files. If file extension restrictions are bypassed, attackers could upload a webshell and execute it on the server side. Modeled across multiple fee...

6.9CVSS7AI score0.00385EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/12 10:24 a.m.5 views

CVE-2025-10267 NewType Infortech|NUP Portal - Missing Authentication

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side...

6.9CVSS0.00385EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/12 10:19 a.m.9 views

CVE-2025-10266 NewType Infortech|NUP Portal - SQL Injection

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS0.00536EPSS
Exploits0References2
CVE
CVE
added 2025/09/12 10:19 a.m.13 views

CVE-2025-10266

NUP Pro by NewType Infortech is affected by a SQL injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. The CVE entry indicates a critical impact (CONFIDENTIALITY, INTEGRITY, and AVAILABILITY affected) ...

9.8CVSS8AI score0.00536EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/12 10:19 a.m.2 views

CVE-2025-10266 NewType Infortech|NUP Portal - SQL Injection

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS8AI score0.00536EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.1 views

NewType Infortech NUP Portal 访问控制错误漏洞

NewType Infortech NUP Portal is a portal management and collaborative office software system from NewType Infortech Taiwan, China. An access control error vulnerability exists in NewType Infortech NUP Portal, which stems from a lack of authentication and could allow an unauthenticated remote...

6.9CVSS7.3AI score0.00385EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.3 views

NewType Infortech NUP Portal SQL注入漏洞

NewType Infortech NUP Portal is a portal management and collaborative office software system from NewType Infortech Taiwan, China. NewType Infortech NUP Portal suffers from a SQL injection vulnerability that originates from an unauthenticated, remote attacker who can inject arbitrary SQL commands...

9.8CVSS8.1AI score0.00536EPSS
Exploits0References2
Rows per page
Query Builder