360 matches found
CVE-2025-9062 IDOR in MeCODE Informatics' Envanty
Authorization Bypass Through User-Controlled Key vulnerability in MeCODE Informatics and Engineering Services Ltd. Envanty allows Parameter Injection. This issue affects Envanty: before 1.0.6. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. The...
CVE-2025-14014 Insecure File Upload in NTN Informatics' Smart Panel
Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd. Co. Smart Panel allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Smart Panel: before 20251215...
CVE-2025-1301
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Yordam Informatics Library Automation System allows Reflected XSS. This issue affects Library Automation System: before 21.6...
CVE-2025-7358
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Authentication Abuse.This issue affects SoliClub: before 5.3.7...
CVE-2025-1031
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc. SoliClub allows Functionality Misuse.This issue affects SoliClub: from 5.2.4 before 5.3.7...
CVE-2025-7358 Use of Hard-coded Credentials in Utarit Informatics' SoliClub
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Authentication Abuse. This issue affects SoliClub: before 5.3.7...
CVE-2025-7358 Use of Hard-coded Credentials in Utarit Informatics' SoliClub
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Authentication Abuse. This issue affects SoliClub: before 5.3.7...
CVE-2025-7358
CVE-2025-7358 concerns SoliClub by Utarit Informatics Services Inc. where hard-coded credentials exist in SoliClub prior to version 5.3.7, enabling authentication abuse. The issue, documented across multiple feeds, is described as a hard-coded credential flaw that could allow unauthorized access,...
CVE-2025-7047
CVE-2025-7047 describes a Missing Authorization vulnerability in Utarit Informatics Services Inc. SoliClub, allowing privilege abuse. Multiple connected sources (Red Hat, NVD, CVE list, CNNVD, EUVD, CIRCL) consistently state the issue affects SoliClub versions before 5.3.7 and stems from improper...
CVE-2025-7047 Missing Authorization in Utarit Informatics' SoliClub
Missing Authorization vulnerability in Utarit Informatics Services Inc. SoliClub allows Privilege Abuse. This issue affects SoliClub: before 5.3.7...
CVE-2025-7047 Missing Authorization in Utarit Informatics' SoliClub
Missing Authorization vulnerability in Utarit Informatics Services Inc. SoliClub allows Privilege Abuse. This issue affects SoliClub: before 5.3.7...
CVE-2025-1030
CVE-2025-1030 affects SoliClub by Utarit Informatics Services Inc., with exposure of private personal information to unauthorized actors. Affected versions are SoliClub 5.2.4 up to but not including 5.3.7. The issue stems from a data disclosure flaw that allows querying system information. The CV...
CVE-2025-1029
CVE-2025-1029 concerns Utarit Information Services Inc. SoliClub, where hard-coded credentials permit reading sensitive constants from the executable. Multiple sources (NVD, Red Hat, CVE/CVEList, CNNVD, EUVD, etc.) consistently describe impact for SoliClub versions 5.2.4 through 5.3.7. The vulner...
CVE-2025-1029 Hardcoded Credentials in Utarit Informatics' SoliClub
Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants Within an Executable. This issue affects SoliClub: from 5.2.4 before 5.3.7...
PT-2025-52254
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Authentication Abuse.This issue affects SoliClub: before 5.3.7...
PT-2025-52238
Missing Authorization vulnerability in Utarit Informatics Services Inc. SoliClub allows Privilege Abuse.This issue affects SoliClub: before 5.3.7...
CVE-2025-35029
Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to add arbitrary content in the 'Demographic Information' page. This content will be rendered and executed when a victim accesses it. This issue is fixed as of...
Medical Informatics Engineering Enterprise Health 安全漏洞
Medical Informatics Engineering Enterprise Health is a healthcare solution from US-based Medical Informatics Engineering. A security vulnerability exists in Medical Informatics Engineering Enterprise Health that stems from a stored cross-site scripting attack that could lead to the execution of...
PT-2025-47627
Name of the Vulnerable Software and Affected Versions Medical Informatics Engineering Enterprise Health affected versions not specified Description An authenticated attacker can inject arbitrary content into the 'Demographic Information' page, leading to the execution of malicious code when a...
CVE-2025-6919 SQLi in Cats Informatics' Aykome
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cats Information Technology Software Development Technologies Aykome License Tracking System allows SQL Injection. This issue affects Aykome License Tracking System: before Version dated 06.10.2025...