7 matches found
EUVD-2025-27135
Malicious code in bioql PyPI...
CVE-2025-5993
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to download any file accessible by the the web server process...
CVE-2025-5993
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to download any file accessible by the the web server process...
CVE-2025-5993
CVE-2025-5993 — ITCube CRM path traversal affects ITCube CRM versions 2023.2–2025.2. The vulnerability arises from an insecure fileName parameter, enabling an unauthenticated attacker to craft payloads that download arbitrary files accessible to the web server process. Impact is primarily confide...
CVE-2025-5993 Path Traversal in ITCube CRM
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to download any file accessible by the the web server process...
CVE-2025-5993 Path Traversal in ITCube CRM
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to download any file accessible by the the web server process...
PT-2025-36453
Name of the Vulnerable Software and Affected Versions: ITCube CRM versions 2023.2 through 2025.2 Description: ITCube CRM is susceptible to a path traversal issue. An unauthenticated remote attacker can exploit the fileName parameter to construct payloads that enable the download of any file...