6 matches found
CVE-2024-53636
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...
CVE-2024-53636
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...
PT-2025-17959
Name of the Vulnerable Software and Affected Versions Serosoft Academia Student Information System SIS EagleR version 1.0.118 Description An arbitrary file upload vulnerability via writefile.php allows attackers to execute arbitrary code via ../ in the filePath parameter. This issue enables...
CVE-2024-53636
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...
CVE-2025-27585
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update...
CVE-2025-25949
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update...