Lucene search
+L

4 matches found

Circl
Circl
added 2025/02/25 3:25 a.m.8 views

CVE-2025-1646

creationtimestamp| type| source ---|---|--- 2025-02-25 03:25:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5243 2025-02-25 04:00:29+00:00| published-proof-of-concept| Telegram/cLStns7zsxwyvvp-SaqV5KswQNaeisOlZS-64fy21AIBfk 2025-02-25 05:08:07+00:00| seen|...

7.5CVSS7.3AI score0.00443EPSS
Exploits0References3
NVD
NVD
added 2025/02/25 3:15 a.m.7 views

CVE-2025-1646

A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...

7.5CVSS0.00443EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/25 2:31 a.m.19 views

CVE-2025-1646 Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted upload

A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...

7.5CVSS0.00443EPSS
Exploits0References4
CVE
CVE
added 2025/02/25 2:31 a.m.94 views

CVE-2025-1646

Lumsoft ERP 8 contains a critical vulnerability in the ASPX File Handler component, specifically in the /Api/TinyMce/UploadAjaxAPI.ashx endpoint. The issue arises from manipulating the file argument, enabling unrestricted file uploads and remote exploitation. Public disclosure exists and has been...

7.5CVSS6.8AI score0.00443EPSS
Exploits0References4
Rows per page
Query Builder