EUVD-2025-7569

Malicious code in bioql PyPI...

EUVD-2025-7571

Malicious code in bioql PyPI...

CVE-2025-2495

Stored Cross-Site Scripting XSS in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to upload XML files to the server with JavaScript code injected via the ‘/softdial/scheduler/save.php’ resource. The injected code will execute when the uploaded file is loaded via the...

CVE-2025-2493

Path Traversal vulnerability in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to manipulate the ‘id’ parameter of the ‘/softdial/scheduler/load.php’ endpoint to navigate beyond the intended directory. This can allow unauthorised access to sensitive files outside the...

CVE-2025-2494

Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the ‘/softdial/phpconsole/upload.php’ endpoint, which is protected by basic HTTP authentication. The files are uploaded to a directory exposed by the web...

CVE-2025-2493

Path Traversal vulnerability in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to manipulate the ‘id’ parameter of the ‘/softdial/scheduler/load.php’ endpoint to navigate beyond the intended directory. This can allow unauthorised access to sensitive files outside the...

CVE-2025-2495

The CVE-2025-2495 issue affects Softdial Contact Center (Sytel Ltd.). It is a stored XSS vulnerability where an attacker can upload XML files via /softdial/scheduler/save.php; the injected JavaScript executes when the file is loaded through /softdial/scheduler/load.php, enabling potential redirec...

CVE-2025-2494 Unrestricted file upload vulnerability in Softdial Contact Center

Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the ‘/softdial/phpconsole/upload.php’ endpoint, which is protected by basic HTTP authentication. The files are uploaded to a directory exposed by the web...

CVE-2025-2494 Unrestricted file upload vulnerability in Softdial Contact Center

Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the ‘/softdial/phpconsole/upload.php’ endpoint, which is protected by basic HTTP authentication. The files are uploaded to a directory exposed by the web...

CVE-2025-2494

CVE-2025-2494 describes an unrestricted file upload vulnerability in Softdial Contact Center (Sytel Ltd.). An attacker can upload files via the /softdial/phpconsole/upload.php endpoint, which is protected by basic HTTP authentication, into a directory exposed by the web application. The uploaded ...

CVE-2025-2493 Path Traversal vulnerability in Softdial Contact Center

Path Traversal vulnerability in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to manipulate the ‘id’ parameter of the ‘/softdial/scheduler/load.php’ endpoint to navigate beyond the intended directory. This can allow unauthorised access to sensitive files outside the...

CVE-2025-2493

CVE-2025-2493 describes a path traversal vulnerability in Softdial Contact Center (Sytel Ltd.). The flaw arises from insufficient validation of the id parameter in the /softdial/scheduler/load.php endpoint, allowing an attacker to navigate outside the intended directory and potentially access sen...