121 matches found
CVE-2025-9254
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...
CVE-2025-9259 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9259
CVE-2025-9259 concerns WebITR by Uniong, with an arbitrary file reading vulnerability caused by an Absolute Path Traversal issue. The affected software/component is WebITR; the impact described is that remote attackers with regular privileges can download arbitrary system files. Public references...
CVE-2025-9258 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9258
CVE-2025-9258 concerns WebITR (Uniong). The vulnerability is an Arbitrary File Reading via an Absolute Path Traversal flaw in WebITR, allowing remote attackers with regular privileges to download arbitrary system files. Connected sources provide details on affected product (WebITR by Uniong) and ...
CVE-2025-9258 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9257 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9257
CVE-2025-9257 involves WebITR by Uniong, which is vulnerable to an Arbitrary File Reading via Absolute Path Traversal . The issue affects the WebITR component and allows a remote attacker with regular privileges to perform a path traversal over the network to download arbitrary system files. The ...
CVE-2025-9256
CVE-2025-9256 affects WebITR (Uniong). An Arbitrary File Reading via Absolute Path Traversal allows remote attackers with regular privileges to download arbitrary system files. Exploitation vectors are network-based with low complexity per CVSS data; impact is high confidentiality. The provided d...
CVE-2025-9256 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9256 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9255 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-9255
WebITR by Uniong is affected by a SQL injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands and read database contents. The available documents consistently describe this as a SQL injection issue in the WebITR system, without providing concrete deta...
CVE-2025-9255 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-9254 Uniong|WebITR - Missing Authentication
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...
CVE-2025-9254 Uniong|WebITR - Missing Authentication
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...
CVE-2025-9254
CVE-2025-9254 concerns WebITR by Uniong with a missing authentication vulnerability that allows unauthenticated remote attackers to log in as arbitrary users by exploiting a specific functionality. Multiple sources (Red Hat, NVD, CVE lists) describe an unauthenticated access/control issue; the ex...
Uniong WebITR 安全漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...
Uniong WebITR 安全漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...
PT-2025-34341 · Uniong · Webitr
Name of the Vulnerable Software and Affected Versions: WebITR versions affected versions not specified Description: WebITR developed by Uniong suffers from a missing authentication issue. This allows unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specif...