40 matches found
EUVD-2025-12482
Malicious code in bioql PyPI...
EUVD-2025-5843
Malicious code in bioql PyPI...
EUVD-2025-5836
Malicious code in bioql PyPI...
CVE-2024-53636
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...
Serosoft Solutions Academia Student Information System EagleR 安全漏洞
Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR version 1.0.118, which stems from improper manipulation of the file path...
CVE-2025-25950
Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-27583
Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-27583
Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-27584
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...
CVE-2025-27583
Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-27585
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update...
CVE-2025-25950
Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-25952
An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...
CVE-2025-25949
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update...
CVE-2025-25948
Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-25951
An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information...
CVE-2025-25953
Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information...
CVE-2025-27584
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...
CVE-2025-25949
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update...
CVE-2025-27584
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...