Lucene search
K

4 matches found

Circl
Circl
added 2025/02/25 3:25 a.m.8 views

CVE-2025-1646

creationtimestamp| type| source ---|---|--- 2025-02-25 03:25:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5243 2025-02-25 04:00:29+00:00| published-proof-of-concept| Telegram/cLStns7zsxwyvvp-SaqV5KswQNaeisOlZS-64fy21AIBfk 2025-02-25 05:08:07+00:00| seen|...

7.5CVSS7.3AI score0.00443EPSS
Exploits0References3
NVD
NVD
added 2025/02/25 3:15 a.m.7 views

CVE-2025-1646

A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...

7.5CVSS0.00443EPSS
Exploits0References4
CVE
CVE
added 2025/02/25 2:31 a.m.94 views

CVE-2025-1646

Lumsoft ERP 8 contains a critical vulnerability in the ASPX File Handler component, specifically in the /Api/TinyMce/UploadAjaxAPI.ashx endpoint. The issue arises from manipulating the file argument, enabling unrestricted file uploads and remote exploitation. Public disclosure exists and has been...

7.5CVSS6.8AI score0.00443EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/25 2:31 a.m.17 views

CVE-2025-1646 Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted upload

A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...

7.5CVSS0.00443EPSS
Exploits0References4
Rows per page
Query Builder