5 matches found
CVE-2025-27584
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update...
CVE-2025-25950
Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows create and modify user accounts, including an Administrator account...
CVE-2025-25949
A stored cross-site scripting XSS vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update...
PT-2025-9571
Name of the Vulnerable Software and Affected Versions Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR version 1.0.118 Description The issue is related to incorrect access control in the /rest/staffResource/update component, allowing unauthorized creation and modification...
PT-2025-9240
Name of the Vulnerable Software and Affected Versions Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR version 1.0.118 Description The issue is related to incorrect access control in the component "/rest/staffResource/update" of the affected software, allowing unauthorize...