Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2025/11/20 12:0 a.m.15 views

CVE-2025-60738

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 20250721 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters...

0.01001EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/10/16 5:56 p.m.5 views

CVE-2025-34517 Ilevia EVE X1 Server 4.7.18.0.eden Absolute Path Traversal

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal vulnerability in getfilecontent.php that allows an attacker to read arbitrary files. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet...

8.7CVSS6.5AI score0.00613EPSS
Exploits3References3
ATTACKERKB
ATTACKERKB
added 2025/10/16 5:55 p.m.6 views

CVE-2025-34512

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting XSS vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary script in the victim's browser. Ilevia has declined to service this vulnerability, and recommends that...

6.1CVSS5.9AI score0.0038EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2025/10/16 5:55 p.m.7 views

CVE-2025-34518

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal vulnerability in getfilecontent.php that allows an attacker to read arbitrary files. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet...

8.7CVSS5.9AI score0.00613EPSS
Exploits3References4
Rows per page
Query Builder