7 matches found
EUVD-2025-6691
Malicious code in bioql PyPI...
CVE-2025-26138
Systemic Risk Value =2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded files are accessible via a predictable numerical ID parameter, allowing unauthorized users to increment or decrement the ID to access and download files they do n...
CVE-2025-26138
Systemic Risk Value =2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded files are accessible via a predictable numerical ID parameter, allowing unauthorized users to increment or decrement the ID to access and download files they do n...
CVE-2025-26138
Systemic Risk Value =2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded files are accessible via a predictable numerical ID parameter, allowing unauthorized users to increment or decrement the ID to access and download files they do n...
CVE-2025-26138
Systemic Risk Value =2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded files are accessible via a predictable numerical ID parameter, allowing unauthorized users to increment or decrement the ID to access and download files they do n...
CVE-2025-26137
Systemic Risk Value =2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information...
CVE-2025-26138
CVE-2025-26138 affects Systemic Risk Value