CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-18626

Malicious code in bioql PyPI...

9.9CVSS6.5AI score0.00887EPSS

Exploits2References3

RedhatCVE•added 2025/06/23 8:41 a.m.•4 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.9CVSS8.2AI score0.00887EPSS

Exploits2References1

OSV•added 2025/06/18 2:15 p.m.•1 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.9CVSS6.2AI score0.00887EPSS

Exploits2References3

NVD•added 2025/06/18 2:15 p.m.•3 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.9CVSS0.00887EPSS

Exploits2References3

Cvelist•added 2025/06/18 12:0 a.m.•9 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

0.00887EPSS

Exploits2References3

Vulnrichment•added 2025/06/18 12:0 a.m.•3 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.7AI score0.00887EPSS

Exploits2References3

CVE•added 2025/06/18 12:0 a.m.•23 views

CVE-2025-46157

CVE-2025-46157 affects EfroTech Time Trax v1.0, specifically the Leave Request form in the Attendance module. The issue is an unrestricted file upload/weak server-side validation that enables remote code execution (RCE) by uploading a crafted file (e.g., changing a .txt to .asp). The CVSS v3.1 ba...

9.9CVSS7.6AI score0.00887EPSS

Exploits2References3Affected Software1