67 matches found
CVE-2025-14254
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14255
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14253
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-14253
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-14255 Galaxy Software Services|Vitals ESP - SQL Injection
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14255 Galaxy Software Services|Vitals ESP - SQL Injection
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
EUVD-2025-201695
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14255
CVE-2025-14255 relates to Vitals ESP (Galaxy Software Services). Connected sources confirm a SQL Injection vulnerability in Vitals ESP, enabling authenticated remote attackers to inject arbitrary SQL commands to read database contents. The issue is described consistently across Red Hat, NVD, CVE ...
CVE-2025-14254 Galaxy Software Services|Vitals ESP - SQL Injection
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14254
CVE-2025-14254 affects Galaxy Software Services’ Vitals ESP. The vulnerability is a SQL Injection in the product, allowing authenticated remote attackers to inject arbitrary SQL to read database contents. Reported across multiple feeds (NVD, Red Hat, CVE lists) with CVSS v3.1 base score 6.5 (MEDI...
EUVD-2025-201691
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14253
The CVE-2025-14253 entry concerns Vitals ESP by Galaxy Software Services, noting an Arbitrary File Read via Absolute Path Traversal that could allow privileged remote attackers to download arbitrary system files. The public documents provided do not specify a vulnerable component version, root ca...
CVE-2025-14253 Galaxy Software Services|Vitals ESP - Arbitrary File Read
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-14253 Galaxy Software Services|Vitals ESP - Arbitrary File Read
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
Galaxy Software Services Vitals ESP 安全漏洞
Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. A security vulnerability exists in Galaxy Software Services Vitals ESP that originates from absolute path traversal and could lead to arbitrary file reading...
PT-2025-49514
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
Galaxy Software Services Vitals ESP SQL注入漏洞
Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. Galaxy Software Services Vitals ESP suffers from a SQL injection vulnerability that stems from SQL command injection and could result in reading the contents of the database...
Galaxy Software Services Vitals ESP SQL注入漏洞
Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. Galaxy Software Services Vitals ESP suffers from a SQL injection vulnerability that originates from a SQL command injection that could result in reading the contents of the...
PT-2025-49513
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
EUVD-2025-35042
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Galaxy Software Services Corporation Vitals ESP Forum Module through 1.3 version allows remote authenticated users to execute arbitrary system commands via a malicious file...