51 matches found
CVE-2025-7920 Simopro Technology|WinMatrix3 Web package - Reflected Cross-Site Scripting
WinMatrix3 Web package developed by Simopro Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-7920
CVE-2025-7920 describes a reflected Cross-site Scripting vulnerability in the WinMatrix3 Web package from Simopro Technology. The issue arises from lack of proper filtering/escaping of user-supplied data, enabling unauthenticated attackers to induce a user to execute arbitrary JavaScript in the b...
CVE-2025-7919 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7919 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7919
CVE-2025-7919 relates to the WinMatrix3 Web package from Simopro Technology, which is affected by an SQL Injection vulnerability. The vulnerability allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Connected sources provide CVS...
CVE-2025-7918
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7917
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-7916
WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized contents...
CVE-2025-7918 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7918
WinMatrix3 Web package from Simopro Technology is affected by a SQL Injection vulnerability. The root cause is lack of input validation that allows unauthenticated attackers to inject SQL to read, modify, and delete database content. Affected component: WinMatrix3 Web package; impact includes hig...
CVE-2025-7918 Simopro Technology|WinMatrix3 Web package - SQL Injection
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-7917 Simopro Technology|WinMatrix3 Web package - Arbitrary File Upload
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-7917 Simopro Technology|WinMatrix3 Web package - Arbitrary File Upload
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-7917
CVE-2025-7917 concerns the WinMatrix3 Web package from Simopro Technology. The connected sources describe an Arbitrary File Upload vulnerability in WinMatrix3 Web, enabling remote attackers with administrator privileges to upload and execute web shell backdoors, resulting in arbitrary code execut...
CVE-2025-7916 Simopro Technology|WinMatrix3 - Insecure Deserialization
WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized contents...
CVE-2025-7916
WinMatrix3 by Simopro Technology is affected by CVE-2025-7916: an insecure deserialization vulnerability that allows unauthenticated remote code execution via crafted serialized content. The issue stems from unsafe deserialization within the server component, enabling arbitrary code execution on ...
CVE-2025-7916 Simopro Technology|WinMatrix3 - Insecure Deserialization
WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized contents...
PT-2025-30229 · Simopro Technology · Winmatrix3
Name of the Vulnerable Software and Affected Versions: WinMatrix3 affected versions not specified Description: WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability. This allows unauthenticated remote attackers to execute arbitrary code on the server by sending...
PT-2025-30231
Name of the Vulnerable Software and Affected Versions WinMatrix3 Web package versions affected versions not specified Description WinMatrix3 Web package developed by Simopro Technology contains a SQL Injection vulnerability. This allows unauthenticated remote attackers to inject arbitrary SQL...
PT-2025-30230 · Simopro Technology · Winmatrix3 Web
Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package versions affected versions not specified Description: The WinMatrix3 Web package developed by Simopro Technology contains an arbitrary file upload issue. This allows remote attackers with administrator privileges to...