23 matches found
EUVD-2025-4210
Malicious code in bioql PyPI...
EUVD-2025-4208
Malicious code in bioql PyPI...
EUVD-2025-4209
Malicious code in bioql PyPI...
CVE-2025-26523
This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other...
CVE-2025-26522
This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses. Successful exploitation of this vulnerability could...
CVE-2025-26524
This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/...
CVE-2025-26522
This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses. Successful exploitation of this vulnerability could...
CVE-2025-26523
This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other...
CVE-2025-26524
This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/...
CVE-2025-26524
The CVE-2025-26524 entry describes a flaw in the RupeeWeb trading platform where missing rate limiting on OTP request endpoints allows an authenticated remote attacker to flood OTP requests (OTP bombing) against the targeted system. Concrete details across connected sources identify the affected ...
CVE-2025-26524 No Rate Limiting Vulnerability in RupeeWeb trading platform
This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/...
CVE-2025-26524 No Rate Limiting Vulnerability in RupeeWeb trading platform
This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/...
CVE-2025-26523 Insufficient Authorization Vulnerability in RupeeWeb trading platform
This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other...
CVE-2025-26523 Insufficient Authorization Vulnerability in RupeeWeb trading platform
This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other...
CVE-2025-26522 Authentication Bypass Vulnerability in RupeeWeb trading platform
This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses. Successful exploitation of this vulnerability could...
CVE-2025-26522
The CVE-2025-26522 entry describes a flaw in the RupeeWeb trading platform where OTP validation is improperly implemented in certain API endpoints. The vulnerability can be exploited by a remote attacker who has valid credentials to manipulate API responses, potentially bypassing Two-Factor Authe...
CVE-2025-26522 Authentication Bypass Vulnerability in RupeeWeb trading platform
This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses. Successful exploitation of this vulnerability could...
PT-2025-7176 · Rupeeweb · Rupeeweb
Name of the Vulnerable Software and Affected Versions: RupeeWeb trading platform affected versions not specified Description: This issue exists due to improper implementation of the OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this by...
PT-2025-7177 · Rupeeweb · Rupeeweb
Name of the Vulnerable Software and Affected Versions: RupeeWeb trading platform affected versions not specified Description: This issue exists due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation could allow an...
PT-2025-7178 · Rupeeweb · Rupeeweb
Name of the Vulnerable Software and Affected Versions: RupeeWeb trading platform affected versions not specified Description: The issue is caused by missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this by sending multiple OTP requests...