EUVD-2025-16716

Malicious code in bioql PyPI...

CVE-2025-41428

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker...

CVE-2025-41428

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker...

CVE-2025-41428

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker...

CVE-2025-41428

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker...

CVE-2025-41428

TimeWorks CVE-2025-41428 affects the web server module in TimeWorks versions 10.0–10.3, with a path traversal (CWE-22) flaw that can allow a remote unauthenticated attacker to view arbitrary JSON files on the server. Root cause: improper limitation of a pathname to a restricted directory. Public ...

TimeWorks vulnerable to path traversal

Overview The web server module of TimeWorks provided by Keiyo System Co., LTD contains the following vulnerability. Path traversal CWE-22 - CVE-2025-41428 Masamu Asato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

Keiyo System TimeWorks 路径遍历漏洞

Keiyo System TimeWorks is an attendance management system from Keiyo System in Japan. A path traversal vulnerability exists in Keiyo System TimeWorks versions 10.0 to 10.3, which stems from a path traversal issue that could lead to remote unauthorized viewing of arbitrary JSON files...

JVN#37075430: TimeWorks vulnerable to path traversal

The web server module of TimeWorks provided by Keiyo System Co., LTD contains the following vulnerability. Path traversal CWE-22 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score 5.3 CVE-2025-41428 Impact Arbitra...

PT-2025-23591 · Timeworks · Timeworks

Name of the Vulnerable Software and Affected Versions: TimeWorks versions 10.0 through 10.3 Description: The issue is related to improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This could allow a remote unauthenticated attacker to access arbitrary JSON...