CVE-2025-55250 HCL AION is affected by a Technical Error Disclosure vulnerability

HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks...

CVE-2025-55250

HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks...

EUVD-2026-3197

HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks...

CVE-2025-55250 HCL AION is affected by a Technical Error Disclosure vulnerability

HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks...

CVE-2026-1152

A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2026-1152

A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2026-1153 technical-laohu mpay cross-site request forgery

A vulnerability was detected in technical-laohu mpay up to 1.2.4. This affects an unknown function. Performing a manipulation results in cross-site request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVE-2026-1153 technical-laohu mpay cross-site request forgery

A vulnerability was detected in technical-laohu mpay up to 1.2.4. This affects an unknown function. Performing a manipulation results in cross-site request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVE-2026-1153

The CVE-2026-1153 entry concerns the software package technical-laohu mpay up to version 1.2.4, with a cross-site request forgery (CSRF) condition caused by manipulation of an unknown function. The burdened documents indicate a remote exploitation path is possible and that the exploit is public, ...

CVE-2026-1152 technical-laohu mpay QR Code Image unrestricted upload

A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2026-1152 technical-laohu mpay QR Code Image unrestricted upload

A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2026-1152

The affected software is technical-laohu mpay (versions up to 1.2.4). A vulnerability in the QR Code Image Handler allows manipulation of the codeimg argument that leads to unrestricted file upload. This can be exploited remotely, and public exploits have been disclosed. Remediation per PSIRT/PT ...

CVE-2026-1152

A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2026-1151

A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the...

CVE-2026-1151

A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the...

CVE-2026-1151

CVE-2026-1151 affects technical-laohu mpay (User Center) up to version 1.2.4. Manipulating the Nickname argument in an unknown function enables cross-site scripting. The issue can be exploited remotely and public PoCs exist. Remediation: update to version 1.2.4 or later (versions prior to 1.2.4 s...

CVE-2026-1151

A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the...

PT-2026-3435

Name of the Vulnerable Software and Affected Versions technical-laohu mpay versions up to 1.2.4 Description A security issue exists in the QR Code Image Handler component of technical-laohu mpay. Manipulation of the codeimg argument can lead to unrestricted upload. This issue can be exploited...

PT-2026-3434

Name of the Vulnerable Software and Affected Versions technical-laohu mpay versions up to 1.2.4 Description A flaw exists in the User Center component of technical-laohu mpay. Manipulation of the Nickname argument within an unknown function can lead to cross site scripting. The exploit is publicl...

PT-2026-3471

HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks...