CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in Codecanyon iDentSoft 2.0. It has been classified as critical. This affects an unknown part of the file /clinica/profile/updateSetting of the component Account Setting Page. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate...

7.2CVSS7.2AI score0.00362EPSS

Exploits1References1

NVD•added 2025/07/20 4:15 p.m.•2 views

CVE-2025-7898

7.2CVSS0.00362EPSS

Exploits1References4

OSV•added 2025/07/20 4:15 p.m.•2 views

CVE-2025-7898

7.2CVSS5.5AI score

Exploits0References4

Cvelist•added 2025/07/20 3:14 p.m.•8 views

CVE-2025-7898 Codecanyon iDentSoft Account Setting Page updateSetting unrestricted upload

5.8CVSS0.00362EPSS

Exploits1References4

CVE•added 2025/07/20 3:14 p.m.•15 views

CVE-2025-7898

CVE-2025-7898 concerns Codecanyon iDentSoft 2.0. The vulnerability lies in the Account Setting Page function, specifically the file path /clinica/profile/updateSetting, where manipulation of the parameter photo enables an unrestricted file upload. This can be initiated remotely and is described a...

7.2CVSS4.8AI score0.00362EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/07/20 3:14 p.m.•2 views

CVE-2025-7898 Codecanyon iDentSoft Account Setting Page updateSetting unrestricted upload

5.8CVSS4.8AI score0.00362EPSS

Exploits1References4

Positive Technologies•added 2025/07/20 12:0 a.m.•0 views

PT-2025-30205 · Codecanyon · Identsoft

Name of the Vulnerable Software and Affected Versions: Codecanyon iDentSoft version 2.0 Description: A critical issue exists in Codecanyon iDentSoft 2.0, specifically within the Account Setting Page. The vulnerability allows for unrestricted file upload through manipulation of the photo argument ...

7.2CVSS4.7AI score0.00362EPSS

Exploits1References11

RedhatCVE•added 2025/05/23 10:35 a.m.•5 views

CVE-2024-9031

A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/taskid/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely...

5.4CVSS6.3AI score0.00129EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:46 a.m.•3 views

CVE-2024-8945

A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. This vulnerability affects unknown code of the file /index.php/dashboard/save. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit...

8.8CVSS8.9AI score0.01237EPSS

Exploits3References1

RedhatCVE•added 2025/04/26 12:34 a.m.•5 views

CVE-2025-3855

A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/teammembers/saveprofileimage/ of the component Profile Picture Handler. The manipulation of the argument...

5.3CVSS7.1AI score0.0024EPSS

Exploits1References1

RedhatCVE•added 2025/04/25 9:9 p.m.•8 views

CVE-2024-0545

A vulnerability classified as problematic was found in CodeCanyon RISE Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be initiate...

6.9CVSS7AI score0.00068EPSS

Exploits0References1

OSV•added 2025/04/22 1:15 a.m.•0 views

CVE-2025-3855

5.3CVSS4.8AI score0.0024EPSS

Exploits1References4

NVD•added 2025/04/22 1:15 a.m.•5 views

CVE-2025-3855

5.3CVSS0.0024EPSS

Exploits1References4

Vulnrichment•added 2025/04/22 12:31 a.m.•21 views

CVE-2025-3855 CodeCanyon RISE Ultimate Project Manager Profile Picture save_profile_image resource injection