Lucene search
K

207 matches found

CVE
CVE
added 2025/11/03 8:2 a.m.15 views

CVE-2025-12623

CVE-2025-12623 affects the fushengqian fuint system, specifically the code path in fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java (Authentication Token Handler). The Red Hat/NVD entries describe an authorization bypass that can be triggered remotel...

3.1CVSS6.3AI score0.00344EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/28 3:4 p.m.2 views

CVE-2025-12288

A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an unknown function of the file /user/edituser/ of the component User Profile Handler. Performing manipulation results in authorization bypass. Remote exploitation of the attack is possible. The exploit is no...

8.8CVSS6.3AI score0.00429EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/27 6:32 p.m.5 views

EUVD-2025-36334

A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...

5.3CVSS6.1AI score0.00236EPSS
Exploits0References5
NVD
NVD
added 2025/10/27 2:15 p.m.16 views

CVE-2025-12283

A security flaw has been discovered in code-projects Client Details System 1.0. The impacted element is an unknown function. The manipulation results in authorization bypass. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

8.1CVSS0.00433EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-43955

Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A security flaw exists that allows for authorization bypass. The issue is located within an unknown function and can be exploited remotely. The exploit for this issue has been publicl...

8.1CVSS4.5AI score0.00433EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-15006

Malware in sbrugna...

10CVSS9.4AI score0.04296EPSS
Exploits0References2
Redos
Redos
added 2025/10/07 12:0 a.m.3 views

ROS-20251007-04

A vulnerability in GLPI's computer hardware request, incident, and inventory system is related to a key-based authorization bypass. key authorization. Exploitation of the vulnerability could allow a remote intruder, compromise the system Vulnerability in the GLPI computer equipment request,...

6.5CVSS4.9AI score0.00256EPSS
Exploits0
NVD
NVD
added 2025/10/06 5:15 a.m.4 views

CVE-2025-11321

A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...

5.3CVSS0.00326EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/04 9:30 p.m.7 views

EUVD-2025-32435

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS6AI score0.00262EPSS
Exploits0References6
NVD
NVD
added 2025/10/04 8:15 p.m.7 views

CVE-2025-11272

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS0.00262EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/04 12:0 a.m.4 views

ZKEACMS 授权问题漏洞

ZKEACMS is a visually designed, WYSIWYG content management system from ZKEASOFT open source. An authorization issue vulnerability exists in ZKEACMS 4.3 and earlier versions, which stems from improper authorization of the Delete function in the file...

5.5CVSS5.5AI score0.00262EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28608

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00966EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-31393

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00348EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-31178

Malicious code in bioql PyPI...

6.5CVSS4.9AI score0.00368EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31173

Malicious code in bioql PyPI...

6.5CVSS4.9AI score0.00368EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31392

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00348EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/09/27 9:32 p.m.9 views

CVE-2025-11047

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument alunoid causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and cou...

6.5CVSS6.7AI score0.00348EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/27 12:49 a.m.11 views

CVE-2025-10988

A vulnerability was identified in YunaiV ruoyi-vue-pro up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor w...

6.5CVSS6.5AI score0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/27 12:0 a.m.8 views

PT-2025-39708

Name of the Vulnerable Software and Affected Versions Portabilis i-Educar versions up to 2.10 Description A flaw exists in Portabilis i-Educar up to version 2.10, related to improper authorization. The issue affects an unknown part of the file /periodo-lancamento. Manipulation of this file can le...

6.5CVSS6AI score0.00348EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.7 views

PT-2025-39692

Name of the Vulnerable Software and Affected Versions Portabilis i-Educar versions up to 2.10 Description A weakness exists in Portabilis i-Educar up to version 2.10, related to improper authorization. The issue is triggered by manipulating the aluno id argument within an unknown function of the...

6.5CVSS6.1AI score0.00348EPSS
Exploits1References9
Rows per page
Query Builder