Lucene search
K

67 matches found

NVD
NVD
added 2025/12/08 8:15 a.m.6 views

CVE-2025-14254

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00283EPSS
Exploits0References2
NVD
NVD
added 2025/12/08 8:15 a.m.12 views

CVE-2025-14255

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00283EPSS
Exploits0References2
NVD
NVD
added 2025/12/08 8:15 a.m.3 views

CVE-2025-14253

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

6.9CVSS0.00423EPSS
Exploits0References2
OSV
OSV
added 2025/12/08 8:15 a.m.10 views

CVE-2025-14253

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

6.9CVSS6AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/08 7:43 a.m.27 views

CVE-2025-14255 Galaxy Software Services|Vitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00283EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/08 7:43 a.m.3 views

CVE-2025-14255 Galaxy Software Services|Vitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS7.6AI score0.00283EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/08 7:43 a.m.5 views

EUVD-2025-201695

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS7.5AI score0.00283EPSS
Exploits0References3
CVE
CVE
added 2025/12/08 7:43 a.m.19 views

CVE-2025-14255

CVE-2025-14255 relates to Vitals ESP (Galaxy Software Services). Connected sources confirm a SQL Injection vulnerability in Vitals ESP, enabling authenticated remote attackers to inject arbitrary SQL commands to read database contents. The issue is described consistently across Red Hat, NVD, CVE ...

7.1CVSS7.6AI score0.00283EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/08 7:41 a.m.26 views

CVE-2025-14254 Galaxy Software Services|Vitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00283EPSS
Exploits0References2
CVE
CVE
added 2025/12/08 7:41 a.m.10 views

CVE-2025-14254

CVE-2025-14254 affects Galaxy Software Services’ Vitals ESP. The vulnerability is a SQL Injection in the product, allowing authenticated remote attackers to inject arbitrary SQL to read database contents. Reported across multiple feeds (NVD, Red Hat, CVE lists) with CVSS v3.1 base score 6.5 (MEDI...

7.1CVSS7.6AI score0.00283EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/12/08 7:41 a.m.4 views

EUVD-2025-201691

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS7.5AI score0.00283EPSS
Exploits0References3
CVE
CVE
added 2025/12/08 7:38 a.m.10 views

CVE-2025-14253

The CVE-2025-14253 entry concerns Vitals ESP by Galaxy Software Services, noting an Arbitrary File Read via Absolute Path Traversal that could allow privileged remote attackers to download arbitrary system files. The public documents provided do not specify a vulnerable component version, root ca...

6.9CVSS6.8AI score0.00423EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/08 7:38 a.m.27 views

CVE-2025-14253 Galaxy Software Services|Vitals ESP - Arbitrary File Read

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

6.9CVSS0.00423EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/08 7:38 a.m.2 views

CVE-2025-14253 Galaxy Software Services|Vitals ESP - Arbitrary File Read

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

6.9CVSS6.8AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.5 views

Galaxy Software Services Vitals ESP 安全漏洞

Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. A security vulnerability exists in Galaxy Software Services Vitals ESP that originates from absolute path traversal and could lead to arbitrary file reading...

6.9CVSS6.8AI score0.00423EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.7 views

PT-2025-49514

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS8AI score0.00283EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.3 views

Galaxy Software Services Vitals ESP SQL注入漏洞

Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. Galaxy Software Services Vitals ESP suffers from a SQL injection vulnerability that stems from SQL command injection and could result in reading the contents of the database...

7.1CVSS8.1AI score0.00283EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.6 views

Galaxy Software Services Vitals ESP SQL注入漏洞

Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. Galaxy Software Services Vitals ESP suffers from a SQL injection vulnerability that originates from a SQL command injection that could result in reading the contents of the...

7.1CVSS8.1AI score0.00283EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.4 views

PT-2025-49513

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

6.9CVSS7.1AI score0.00423EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/20 7:56 a.m.5 views

EUVD-2025-35042

An unrestricted upload of file with dangerous type vulnerability in the upload file function of Galaxy Software Services Corporation Vitals ESP Forum Module through 1.3 version allows remote authenticated users to execute arbitrary system commands via a malicious file...

9.3CVSS7AI score0.00469EPSS
Exploits0References2
Rows per page
Query Builder