Lucene search
K

9 matches found

NVD
NVD
added 2026/02/22 2:16 p.m.8 views

CVE-2026-2952

A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...

9.8CVSS0.0609EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.7 views

PT-2026-21451

Name of the Vulnerable Software and Affected Versions Vaelsys version 4.1.0 Description A flaw exists in Vaelsys 4.1.0 related to the HTTP POST Request Handler component. Specifically, manipulation of the xajaxargs argument within a request to the file '/tree/tree server.php' can lead to operatin...

9.8CVSS7.3AI score0.0609EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-22854

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.03247EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/07/30 6:33 a.m.18 views

CVE-2025-8261

A weakness has been identified in Vaelsys VaelsysV4 4.1.0. This vulnerability affects unknown code of the file /grid/vgridserver.php of the component User Creation Handler. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been...

9.8CVSS6.8AI score0.00627EPSS
Exploits1References1
OSV
OSV
added 2025/07/28 6:15 a.m.3 views

CVE-2025-8259

A vulnerability, which was classified as critical, was found in Vaelsys 4.1.0. This affects the function executeDataObjectProc of the file /grid/vgridserver.php. The manipulation of the argument xajaxargs leads to os command injection. It is possible to initiate the attack remotely. The exploit h...

9.8CVSS5.5AI score0.03247EPSS
Exploits1References4
CVE
CVE
added 2025/07/28 6:2 a.m.35 views

CVE-2025-8260

CVE-2025-8260 affects Vaelsys 4.1.0, specifically code in /grid/vgrid_server.php of the MD4 Hash Handler. Manipulating the argument xajaxargs leads to use of a weak hash. The vulnerability is exploitable remotely with network access; attack complexity is described as high, and exploitation is con...

7.5CVSS5AI score0.00228EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/07/28 6:2 a.m.46 views

CVE-2025-8260 Vaelsys VaelsysV4 Web interface vgrid_server.php weak hash

A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgridserver.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak hash. The attack is possible to be carried out...

3.1CVSS0.00228EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/07/28 5:32 a.m.3 views

CVE-2025-8259 Vaelsys VaelsysV4 Web interface vgrid_server.php execute_DataObjectProc os command injection

A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function executeDataObjectProc of the file /grid/vgridserver.php of the component Web interface. Such manipulation of the argument xajaxargs leads to os command injection. The attack can be execut...

7.5CVSS6.8AI score0.03247EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.12 views

PT-2025-31050 · Unknown · Vaelsys 4.1.0

Name of the Vulnerable Software and Affected Versions: Vaelsys version 4.1.0 Description: A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code of the file /grid/vgrid server.php of the component MD4 Hash Handler. The manipulation o...

7.5CVSS3.9AI score0.00228EPSS
Exploits1References7
Rows per page
Query Builder