Lucene search
K

121 matches found

NVD
NVD
added 2025/08/22 12:15 p.m.9 views

CVE-2025-9254

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...

9.8CVSS0.00608EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/22 11:46 a.m.10 views

CVE-2025-9259 Uniong|WebITR - Arbitrary File Reading through Path Traversal

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS0.00502EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 11:46 a.m.20 views

CVE-2025-9259

CVE-2025-9259 concerns WebITR by Uniong, with an arbitrary file reading vulnerability caused by an Absolute Path Traversal issue. The affected software/component is WebITR; the impact described is that remote attackers with regular privileges can download arbitrary system files. Public references...

7.1CVSS7.4AI score0.00502EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/22 11:43 a.m.8 views

CVE-2025-9258 Uniong|WebITR - Arbitrary File Reading through Path Traversal

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS0.00502EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 11:43 a.m.17 views

CVE-2025-9258

CVE-2025-9258 concerns WebITR (Uniong). The vulnerability is an Arbitrary File Reading via an Absolute Path Traversal flaw in WebITR, allowing remote attackers with regular privileges to download arbitrary system files. Connected sources provide details on affected product (WebITR by Uniong) and ...

7.1CVSS7.4AI score0.00502EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/22 11:43 a.m.4 views

CVE-2025-9258 Uniong|WebITR - Arbitrary File Reading through Path Traversal

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS6.8AI score0.00502EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/22 11:41 a.m.5 views

CVE-2025-9257 Uniong|WebITR - Arbitrary File Reading through Path Traversal

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS6.8AI score0.00502EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 11:41 a.m.21 views

CVE-2025-9257

CVE-2025-9257 involves WebITR by Uniong, which is vulnerable to an Arbitrary File Reading via Absolute Path Traversal . The issue affects the WebITR component and allows a remote attacker with regular privileges to perform a path traversal over the network to download arbitrary system files. The ...

7.1CVSS7.4AI score0.00502EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/08/22 11:34 a.m.18 views

CVE-2025-9256

CVE-2025-9256 affects WebITR (Uniong). An Arbitrary File Reading via Absolute Path Traversal allows remote attackers with regular privileges to download arbitrary system files. Exploitation vectors are network-based with low complexity per CVSS data; impact is high confidentiality. The provided d...

7.1CVSS7.4AI score0.00502EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/22 11:34 a.m.3 views

CVE-2025-9256 Uniong|WebITR - Arbitrary File Reading through Path Traversal

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS7.4AI score0.00502EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/22 11:34 a.m.8 views

CVE-2025-9256 Uniong|WebITR - Arbitrary File Reading through Path Traversal

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS0.00502EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/22 11:25 a.m.3 views

CVE-2025-9255 Uniong|WebITR - SQL Injection

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS8.6AI score0.00487EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 11:25 a.m.18 views

CVE-2025-9255

WebITR by Uniong is affected by a SQL injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands and read database contents. The available documents consistently describe this as a SQL injection issue in the WebITR system, without providing concrete deta...

8.7CVSS8.6AI score0.00487EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/22 11:25 a.m.13 views

CVE-2025-9255 Uniong|WebITR - SQL Injection

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS0.00487EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/22 11:21 a.m.12 views

CVE-2025-9254 Uniong|WebITR - Missing Authentication

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...

9.8CVSS0.00608EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/22 11:21 a.m.3 views

CVE-2025-9254 Uniong|WebITR - Missing Authentication

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...

9.8CVSS7.5AI score0.00608EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 11:21 a.m.21 views

CVE-2025-9254

CVE-2025-9254 concerns WebITR by Uniong with a missing authentication vulnerability that allows unauthenticated remote attackers to log in as arbitrary users by exploiting a specific functionality. Multiple sources (Red Hat, NVD, CVE lists) describe an unauthenticated access/control issue; the ex...

9.8CVSS7.5AI score0.00608EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.5 views

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

7.1CVSS6.9AI score0.00502EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.4 views

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

7.1CVSS6.9AI score0.00502EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.9 views

PT-2025-34341 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR versions affected versions not specified Description: WebITR developed by Uniong suffers from a missing authentication issue. This allows unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specif...

9.8CVSS7.5AI score0.00608EPSS
Exploits0References8
Rows per page
Query Builder