Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2025/09/22 1:16 p.m.3 views

CVE-2025-59797

Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/id and also URLs for eversports, the user-management page, and the plane page...

5.8CVSS0.00042EPSS
Exploits0References2
CVE
CVEadded 2025/09/22 12:0 a.m.13 views

CVE-2025-59797

Profession Fit 5.0.99 Build 44910 contains an authorization bypass vulnerability. The issue allows access via a direct request to the API endpoint /api/challenges/{id} and direct URL access to the eversports, user-management, and plane pages, indicating insufficient access control on these resour...

5.8CVSS6.5AI score0.00042EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/09/22 12:0 a.m.2 views

Profession Fit 安全漏洞

Profession Fit is a health and employee wellness app from German company Profession Fit. A security vulnerability exists in Profession Fit version 5.0.99 Build 44910, which stems from the fact that a direct request to a URL such as /api/challenges/id may result in authorization bypass...

5.8CVSS6.7AI score0.00042EPSS
Exploits0References3
Rows per page
Query Builder