Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25209

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25184

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00667EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/21 12:26 a.m.12 views

CVE-2025-51539

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem...

5.3CVSS7.7AI score0.00667EPSS
Exploits1References1
NVD
NVD
added 2025/08/19 4:15 p.m.7 views

CVE-2025-51539

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem...

5.3CVSS0.00667EPSS
Exploits1References1
CVE
CVE
added 2025/08/19 12:0 a.m.21 views

CVE-2025-51539

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability in a web‑exposed script. A remote attacker can supply a crafted path parameter to read arbitrary files from the filesystem via directory traversal (e.g., ../../../), without authentication or proper path handling. Potentia...

5.3CVSS7.6AI score0.00667EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/08/19 12:0 a.m.10 views

CVE-2025-51540

EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...

0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/19 12:0 a.m.20 views

CVE-2025-51540

EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...

7AI score0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/19 12:0 a.m.4 views

CVE-2025-51539

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem...

7.6AI score0.00667EPSS
Exploits1References1
CVE
CVE
added 2025/08/19 12:0 a.m.18 views

CVE-2025-51540

EzGED3 3.5.0 stores passwords using an insecure hashing chain md5(md5(password)) with no salt, enabling offline brute-force attacks if hashes are exposed. Affected versions include 3.5.0 through 3.5.72.27183. Vendor states fix in 3.5.72.27183. Remediation: upgrade to 3.5.72.27183 or later.

5.3CVSS7AI score0.00222EPSS
Exploits0References1
Rows per page
Query Builder