Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/02/23 8:2 p.m.27 views

CVE-2026-3025 ShuoRen Smart Heating Integrated Management Platform ExampleNodeService.asmx unrestricted upload

A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx. Executing a manipulation of the argument File can lead to unrestricted upload. It is possible...

7.5CVSS0.00378EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/12 5:12 p.m.5 views

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

7.5CVSS6.5AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2025/12/04 4:16 p.m.3 views

CVE-2025-57210

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...

7.5CVSS0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.4 views

PT-2025-49073

Name of the Vulnerable Software and Affected Versions platform version 1.0.0 Description An access control issue exists in the ApiPayController.java component, potentially allowing unauthorized access to sensitive information. The vulnerability is present in platform version 1.0.0. The attack...

7.5CVSS6.3AI score0.00246EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/12/04 12:0 a.m.3 views

CVE-2025-57210

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...

6.2AI score0.00246EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/04 12:0 a.m.2 views

CVE-2025-57212

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

6.1AI score0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/04 12:0 a.m.5 views

EUVD-2025-201239

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

6AI score0.00246EPSS
Exploits0References3
CVE
CVE
added 2025/12/04 12:0 a.m.8 views

CVE-2025-57212

CVE-2025-57212 affects platform v1.0.0 in the ApiOrderService.java component, where improper access control may allow an attacker to disclose sensitive information via a crafted request. Evidence across multiple sources confirms the same description without additional exploit details. The vulnera...

7.5CVSS6.1AI score0.00246EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/03 11:2 p.m.2 views

CVE-2025-9936 fuyang_lipengjun platform queryAll AdController improper authorization

A vulnerability was identified in fuyanglipengjun platform 1.0.0. This issue affects the function AdController of the file /ad/queryAll. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...

5.3CVSS6.6AI score0.00325EPSS
Exploits1References4
Rows per page
Query Builder