Lucene search
K

121 matches found

Vulnrichment
Vulnrichment
added 2025/11/28 7:35 a.m.2 views

CVE-2025-13769 Uniong|WebITR - SQL Injection

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS7.6AI score0.00283EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/28 7:35 a.m.7 views

CVE-2025-13769 Uniong|WebITR - SQL Injection

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00283EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/28 7:35 a.m.5 views

EUVD-2025-199865

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS7.5AI score0.00283EPSS
Exploits0References3
CVE
CVE
added 2025/11/28 7:35 a.m.14 views

CVE-2025-13769

CVE-2025-13769 concerns WebITR by Uniong, with a SQL injection vulnerability that, when exploited by authenticated remote attackers, can read database contents. The included sources consistently describe the flaw as a SQL injection affecting WebITR; however, no concrete affected version list or v...

7.1CVSS7.7AI score0.00283EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/28 7:31 a.m.4 views

CVE-2025-13768 Uniong|WebITR - Authorization Bypass

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...

7.7CVSS6.5AI score0.00358EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/28 7:31 a.m.25 views

CVE-2025-13768 Uniong|WebITR - Authorization Bypass

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...

7.7CVSS0.00358EPSS
Exploits0References2
CVE
CVE
added 2025/11/28 7:31 a.m.18 views

CVE-2025-13768

CVE-2025-13768 affects WebITR (Uniong). It describes an Authentication Bypass where an authenticated remote attacker can log in as any user by modifying a specific parameter, requiring the attacker to first obtain a user ID. The CVSS 3.1 metrics indicate high impact (C/H, I/H, A/H) with network a...

8.8CVSS6.5AI score0.00358EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/11/28 7:31 a.m.15 views

EUVD-2025-199866

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...

7.7CVSS6.4AI score0.00358EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.6 views

PT-2025-48322

Name of the Vulnerable Software and Affected Versions WebITR affected versions not specified Description WebITR, developed by Uniong, contains an Arbitrary File Read issue stemming from Relative Path Traversal. Authenticated remote attackers can exploit this to download arbitrary system files. Th...

7.1CVSS6.5AI score0.00395EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/11/28 12:0 a.m.4 views

Uniong WebITR SQL注入漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS8.1AI score0.00283EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/28 12:0 a.m.4 views

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that originates from relative path traversal and allows remote attackers to download arbitrary system files...

7.1CVSS6.9AI score0.00395EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.5 views

PT-2025-48321

Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR, developed by Uniong, contains a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...

7.1CVSS7.9AI score0.00283EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/11/28 12:0 a.m.6 views

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that originates from an authentication bypass that allows remote attackers to log in as an arbitrary user by modifying specific parameters...

8.8CVSS7AI score0.00358EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.6 views

PT-2025-48319

Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has an authentication bypass issue. Authenticated remote attackers can log in as any user by modifying a specific parameter. To exploit this, attackers must...

8.8CVSS6.8AI score0.00358EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/11/28 12:0 a.m.5 views

Uniong WebITR SQL注入漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS8.1AI score0.00283EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.8 views

PT-2025-48320

Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...

7.1CVSS7.5AI score0.00283EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25509

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00502EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25510

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00502EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25511

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00487EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25508

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00502EPSS
Exploits0References2
Rows per page
Query Builder