207 matches found
CVE-2025-12623
CVE-2025-12623 affects the fushengqian fuint system, specifically the code path in fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java (Authentication Token Handler). The Red Hat/NVD entries describe an authorization bypass that can be triggered remotel...
CVE-2025-12288
A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an unknown function of the file /user/edituser/ of the component User Profile Handler. Performing manipulation results in authorization bypass. Remote exploitation of the attack is possible. The exploit is no...
EUVD-2025-36334
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...
CVE-2025-12283
A security flaw has been discovered in code-projects Client Details System 1.0. The impacted element is an unknown function. The manipulation results in authorization bypass. The attack can be launched remotely. The exploit has been released to the public and may be exploited...
PT-2025-43955
Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A security flaw exists that allows for authorization bypass. The issue is located within an unknown function and can be exploited remotely. The exploit for this issue has been publicl...
EUVD-2019-15006
Malware in sbrugna...
ROS-20251007-04
A vulnerability in GLPI's computer hardware request, incident, and inventory system is related to a key-based authorization bypass. key authorization. Exploitation of the vulnerability could allow a remote intruder, compromise the system Vulnerability in the GLPI computer equipment request,...
CVE-2025-11321
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...
EUVD-2025-32435
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
CVE-2025-11272
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...
ZKEACMS 授权问题漏洞
ZKEACMS is a visually designed, WYSIWYG content management system from ZKEASOFT open source. An authorization issue vulnerability exists in ZKEACMS 4.3 and earlier versions, which stems from improper authorization of the Delete function in the file...
EUVD-2022-28608
Malicious code in bioql PyPI...
EUVD-2025-31393
Malicious code in bioql PyPI...
EUVD-2025-31178
Malicious code in bioql PyPI...
EUVD-2025-31173
Malicious code in bioql PyPI...
EUVD-2025-31392
Malicious code in bioql PyPI...
CVE-2025-11047
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument alunoid causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and cou...
CVE-2025-10988
A vulnerability was identified in YunaiV ruoyi-vue-pro up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor w...
PT-2025-39708
Name of the Vulnerable Software and Affected Versions Portabilis i-Educar versions up to 2.10 Description A flaw exists in Portabilis i-Educar up to version 2.10, related to improper authorization. The issue affects an unknown part of the file /periodo-lancamento. Manipulation of this file can le...
PT-2025-39692
Name of the Vulnerable Software and Affected Versions Portabilis i-Educar versions up to 2.10 Description A weakness exists in Portabilis i-Educar up to version 2.10, related to improper authorization. The issue is triggered by manipulating the aluno id argument within an unknown function of the...