Lucene search
K

112 matches found

Cvelist
Cvelist
added 2025/03/17 12:0 a.m.24 views

CVE-2025-25618

Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers...

0.0043EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.5 views

Unifiedtransform 安全漏洞

Unifiedtransform is an open source school management software from the individual developer Hasib Mahmud. A security vulnerability exists in Unifiedtransform version 2.0, which stems from improper access control and could lead to teachers signing in with each other...

4.3CVSS6.4AI score0.00362EPSS
Exploits2References3
CVE
CVE
added 2025/03/17 12:0 a.m.67 views

CVE-2025-25618

CVE-2025-25618 affects Unifiedtransform 2.0. Root cause: improper access control that permits privilege escalation, enabling teachers to change section names and room numbers. Impact is limited to unauthorized modifications by users with teacher privileges; CVSS 3.1 metrics indicate Network acces...

3.3CVSS7AI score0.0043EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/03/17 12:0 a.m.54 views

CVE-2025-25621

CVE-2025-25621 (Unifiedtransform 2.0) is tied to an Incorrect Access Control flaw that lets a teacher take attendance for other teachers via the endpoint /courses/teacher/index?teacher_id=2&semester_id=1. Affected product is Unifiedtransform 2.x; root cause is improper access checks that allow pr...

4.3CVSS6.9AI score0.00362EPSS
Exploits2References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/15 2:18 a.m.7 views

CVE-2025-25614

Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal data of fellow teachers...

8.8CVSS6.8AI score0.00693EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/15 2:18 a.m.10 views

CVE-2025-25616

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?examruleid=1...

7.6CVSS6.8AI score0.00391EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/15 2:16 a.m.15 views

CVE-2025-25615

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...

6CVSS6.8AI score0.00454EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/15 2:16 a.m.10 views

CVE-2025-25620

Unifiedtransform 2.0 is vulnerable to Cross Site Scripting XSS in the Create assignment function...

5.4CVSS6AI score0.00516EPSS
Exploits1References1
OSV
OSV
added 2025/03/10 3:15 p.m.7 views

CVE-2025-25614

Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal data of fellow teachers...

8.8CVSS7.1AI score0.00693EPSS
Exploits1References2
NVD
NVD
added 2025/03/10 3:15 p.m.6 views

CVE-2025-25620

Unifiedtransform 2.0 is vulnerable to Cross Site Scripting XSS in the Create assignment function...

5.4CVSS0.00516EPSS
Exploits1References2
NVD
NVD
added 2025/03/10 3:15 p.m.12 views

CVE-2025-25614

Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal data of fellow teachers...

8.8CVSS0.00693EPSS
Exploits1References2
NVD
NVD
added 2025/03/10 2:15 p.m.39 views

CVE-2025-25616

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?examruleid=1...

7.6CVSS0.00391EPSS
Exploits0References2
OSV
OSV
added 2025/03/10 2:15 p.m.12 views

CVE-2025-25616

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?examruleid=1...

4.3CVSS6.8AI score0.00391EPSS
Exploits0References2
NVD
NVD
added 2025/03/10 2:15 p.m.29 views

CVE-2025-25615

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...

6CVSS0.00454EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/10 12:0 a.m.9 views

CVE-2025-25620

Unifiedtransform 2.0 is vulnerable to Cross Site Scripting XSS in the Create assignment function...

6.2AI score0.00516EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/10 12:0 a.m.7 views

CVE-2025-25616

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?examruleid=1...

7.5AI score0.00391EPSS
Exploits0References2
CVE
CVE
added 2025/03/10 12:0 a.m.62 views

CVE-2025-25615

Unifiedtransform 2.0 is affected by an incorrect access control vulnerability that allows viewing attendance lists for all class sections. The issue is a confidentiality-related flaw in access control, enabling unauthorized exposure of attendance data without exploitation details provided in the ...

6CVSS7.2AI score0.00454EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/03/10 12:0 a.m.26 views

CVE-2025-25615

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...

0.00454EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/10 12:0 a.m.4 views

Unifiedtransform 访问控制错误漏洞

Unifiedtransform is an open source school management software from the individual developer Hasib Mahmud. A security vulnerability exists in Unifiedtransform version 2.0, which stems from an access control error that could lead to viewing attendance lists for all classes...

6CVSS6.6AI score0.00454EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/10 12:0 a.m.15 views

CVE-2025-25620

Unifiedtransform 2.0 is vulnerable to Cross Site Scripting XSS in the Create assignment function...

0.00516EPSS
Exploits1References2
Rows per page
Query Builder