CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

RedhatCVE•added 2025/12/30 7:7 a.m.•1 views

CVE-2025-15225

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files...

8.7CVSS7.1AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 2025/12/30 7:7 a.m.•3 views

CVE-2025-15226

WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

9.8CVSS8.4AI score0.00513EPSS

Exploits0References1

NVD•added 2025/12/29 7:15 a.m.•4 views

CVE-2025-15226

9.8CVSS0.00513EPSS

Exploits0References2

NVD•added 2025/12/29 7:15 a.m.•3 views

CVE-2025-15225

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files...

8.7CVSS0.00092EPSS

Exploits0References2

OSV•added 2025/12/29 7:15 a.m.•0 views

CVE-2025-15226

9.8CVSS6.4AI score

Exploits0References2

OSV•added 2025/12/29 7:15 a.m.•0 views

CVE-2025-15225

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files...

7.5CVSS5.9AI score0.00092EPSS

Exploits0References2

Cvelist•added 2025/12/29 6:39 a.m.•25 views

CVE-2025-15226 Sunnet｜WMPro - Arbitrary File Upload

9.8CVSS0.00513EPSS

Exploits0References2

CVE•added 2025/12/29 6:39 a.m.•6 views

CVE-2025-15226

CVE-2025-15226 concerns WMPro by Sunnet, where an Arbitrary File Upload vulnerability allows unauthenticated remote attackers to upload and execute a web shell on the server, enabling arbitrary code execution . The vulnerability is described in multiple feeds (NVD/Red Hat/CIRCL/etc.) with no spec...

9.8CVSS8.1AI score0.00513EPSS

Exploits0References2Affected Software1

CVE•added 2025/12/29 6:31 a.m.•6 views

CVE-2025-15225

WMPro by Sunnet is affected by an Arbitrary File Read vulnerability exploitable via Relative Path Traversal. The issue allows unauthenticated remote attackers to read arbitrary system files. Available documents consistently describe the vulnerability class and impact but do not specify affected v...

8.7CVSS6.8AI score0.00092EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/12/29 6:31 a.m.•22 views

CVE-2025-15225 Sunnet｜WMPro - Arbitrary File Read

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files...

8.7CVSS0.00092EPSS

Exploits0References2

Positive Technologies•added 2025/12/29 12:0 a.m.•2 views

PT-2025-53702

Name of the Vulnerable Software and Affected Versions WMPro affected versions not specified Description WMPro developed by Sunnet has an arbitrary file upload issue. Unauthenticated remote attackers can upload and execute web shell backdoors, leading to arbitrary code execution on the server...

9.8CVSS7.9AI score0.00513EPSS

Exploits0References6

CNNVD•added 2025/12/29 12:0 a.m.•1 views

SUNNET WMPro 安全漏洞

SUNNET WMPro is a suite of online learning platforms from Taiwan, China's Sunnet Technology SUNNET. A security vulnerability exists in SUNNET WMPro, which stems from the presence of an arbitrary file read vulnerability that could allow an unauthenticated, remote attacker to read arbitrary system...

8.7CVSS6.7AI score0.00092EPSS

Exploits0References2

CNNVD•added 2025/12/29 12:0 a.m.•10 views

SUNNET WMPro 代码问题漏洞

SUNNET WMPro is a suite of online learning platforms from Taiwan, China-based Sunnet Technology SUNNET. SUNNET WMPro suffers from a code issue vulnerability that stems from the presence of an arbitrary file upload vulnerability that could allow an unauthenticated, remote attacker to upload and...

9.8CVSS7.9AI score0.00513EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-2770

Malware in sbrugna...

10CVSS9.2AI score0.05468EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-39844

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00071EPSS

Exploits0References1

NVD•added 2023/09/18 3:15 a.m.•12 views

CVE-2023-35851

SUNNET WMPro portal's FAQ function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to obtain sensitive information via a database...

7.5CVSS7.7AI score0.00071EPSS

Exploits0References1

OSV•added 2023/09/18 3:15 a.m.•1 views

CVE-2023-35850

SUNNET WMPro portal's file management function has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege or a privileged account can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operations...

7.2CVSS6.1AI score0.00225EPSS

Exploits0References1

Cvelist•added 2023/09/18 2:33 a.m.•15 views

CVE-2023-35851 SUNNET WMPro - SQL Injection

SUNNET WMPro portal's FAQ function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to obtain sensitive information via a database...

7.5CVSS7.9AI score0.00071EPSS

Exploits0References1

Vulnrichment•added 2023/09/18 2:30 a.m.•9 views

CVE-2023-35850 SUNNET WMPro - Command Injection

7.2CVSS7.7AI score0.00225EPSS

Exploits0References1

Positive Technologies•added 2023/09/18 12:0 a.m.•2 views

PT-2023-25345 · Unknown · Sunnet Wmpro Portal

Name of the Vulnerable Software and Affected Versions: SUNNET WMPro portal affected versions not specified Description: The SUNNET WMPro portal's FAQ function has insufficient validation for user input, allowing an unauthenticated remote attacker to inject arbitrary SQL commands and obtain...

7.5CVSS7.8AI score0.00071EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by