4 matches found
CVE-2025-1646
creationtimestamp| type| source ---|---|--- 2025-02-25 03:25:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5243 2025-02-25 04:00:29+00:00| published-proof-of-concept| Telegram/cLStns7zsxwyvvp-SaqV5KswQNaeisOlZS-64fy21AIBfk 2025-02-25 05:08:07+00:00| seen|...
CVE-2025-1646
A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...
CVE-2025-1646
Lumsoft ERP 8 contains a critical vulnerability in the ASPX File Handler component, specifically in the /Api/TinyMce/UploadAjaxAPI.ashx endpoint. The issue arises from manipulating the file argument, enabling unrestricted file uploads and remote exploitation. Public disclosure exists and has been...
CVE-2025-1646 Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted upload
A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...