Lucene search
K

9 matches found

NVD
NVD
added 2026/06/29 6:16 a.m.10 views

CVE-2026-13535

A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employeemodel.php of the component View Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack...

6.5CVSS0.00204EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 4:30 a.m.36 views

CVE-2026-13535 CodeAstro Human Resource Management System View Endpoint Employee_model.php GetFileInfo sql injection

A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employeemodel.php of the component View Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack...

6.5CVSS0.00204EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 4:30 a.m.15 views

CVE-2026-13535

CodeAstro HRMS 1.0 is affected by an SQL injection in the View Endpoint’s GetFileInfo (Employee_model.php). Manipulating the ID argument enables remote SQL injection, with proofs-of-concept published. Root cause: unsafely concatenated or unsanitized ID in GetFileInfo; impact is limited to confide...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/12 1:4 a.m.11 views

CVE-2025-70084

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtilGetFileInfo function...

7.5CVSS5.7AI score0.00759EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/11 12:0 a.m.22 views

CVE-2025-70084

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtilGetFileInfo function...

0.00759EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.14 views

PT-2026-7629

Name of the Vulnerable Software and Affected Versions OpenSatKit version 2.2.1 Description A directory traversal issue exists in OpenSatKit 2.2.1. This allows attackers to potentially access sensitive information or delete arbitrary files by providing a crafted value to the FileUtil GetFileInfo...

5.6AI score0.00759EPSS
Exploits0References6
CVE
CVE
added 2026/02/11 12:0 a.m.23 views

CVE-2025-70084

OpenSatKit 2.2.1 is affected by a directory traversal vulnerability in the FileUtil_GetFileInfo function, allowing an attacker to access sensitive information or delete files via a crafted value. The CVE entry and Red Hat/NVD/CIRCL attestations confirm the affected product/version and the underly...

7.5CVSS5.7AI score0.00759EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/11 12:0 a.m.5 views

CVE-2025-70084

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtilGetFileInfo function...

7.5CVSS5.7AI score0.00759EPSS
Exploits0References6
Check Point Advisories
Check Point Advisories
added 2011/05/29 12:0 a.m.3 views

Siemens Tecnomatix FactoryLink SCADA CSService GetFileInfo Buffer Overflow

Siemens Tecnomatix FactoryLink is a Supervisory Control and Data Acquisition SCADA system used for monitoring and controlling industrial processes. A buffer overflow vulnerability have been reported in Siemens Tecnomatix FactoryLink SCADA system. The vulnerability is due to a boundary error in...

7.8AI score
Exploits0
Rows per page
Query Builder