CVE-2026-1514 2100 Technology｜Official Document Management System - Incorrect Authorization

Official Document Management System developed by 2100 Technology has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to modify front-end code to read all official documents...

CVE-2026-1514

Technical details are not publicly available in the provided documents (no affected version, patch info, or exploit details). Monitor for updates.

Kalmia 安全漏洞

Kalmia is an open source document content management system from Iridia Solutions Private Limited. A security vulnerability exists in Kalmia version 0.2.0, which stems from the authentication mechanism returning a different error message that could lead to user enumeration...

PT-2025-41709

Name of the Vulnerable Software and Affected Versions RainyGao DocSys versions through 2.02.36 Description A flaw exists in RainyGao DocSys that allows for remote manipulation leading to SQL injection. The issue is related to the getUserList function within the /Manage/getUserList.do file. The...

EUVD-2025-27606

Malicious code in bioql PyPI...

EUVD-2021-9994

Malicious code in bioql PyPI...

CVE-2025-8532

Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows – Exploitation of Trusted Identifiers, – Exploitation of Authorization, – Variable...

CVE-2025-8532

Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing. This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166...

CVE-2025-8532 IDOR in Bimser's eBA Document and Workflow Management System

Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing. This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166...

CVE-2025-8532 IDOR in Bimser's eBA Document and Workflow Management System

Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing. This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166...

CVE-2025-10209

A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public...

CVE-2021-34683

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

CVE-2021-34683

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

Information disclosure

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

CVE-2021-34683

CVE-2021-34683 affects EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can access the endpoint kw/auth/bbs/asp/get_user_email_info_bbs.asp to obtain the contact information (names and e-mail addresses) of everyone in the organization, enabling social engineering or br...

CVE-2021-34683

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

EXCELLENT INFOTEK CORPORATION (EIC) E-document System 信息泄露漏洞

Excellent Infotek Corporation EIC e-document system is an application system of Excellent Infotek Corporation. It provides precise, simple and standardized XML document forms to simplify the process of writing and transmitting complicated documents. EXCELLENT INFOTEK CORPORATION EIC E-document...

CVE-2021-22859

The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without privilege...

CVE-2021-22860

EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary...

CVE-2021-22859

The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without privilege...