3 matches found
CVE-2025-1165
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1165 Lumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted upload
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1165
Lumsoft ERP 8 is affected by CVE-2025-1165 in the DoUpload/DoWebUpload function of /Api/FileUploadApi.ashx. The vulnerability arises from manipulating the file argument to enable unrestricted remote uploads. Public exploits have been disclosed. Red Hat and community advisories corroborate the iss...