CVE-2025-8307 Recoverable passwords in Asseco Infomedica Plus

Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm...

PT-2026-1958

Name of the Vulnerable Software and Affected Versions Asseco InfoMedica versions prior to 4.50.1 Asseco InfoMedica versions prior to 5.38.0 Description Asseco InfoMedica is a solution for managing administrative and medical tasks in the healthcare sector. A user with low privileges can obtain...

Asseco InfoMedica 安全漏洞

Asseco InfoMedica is a comprehensive healthcare information management system from Asseco Poland. A security vulnerability exists in Asseco InfoMedica version 4.50.1 and prior to version 5.38.0, which stems from a client-side algorithm that can decode stored passwords, potentially leading to...

nopCommerce Cross-Site Scripting Vulnerability (CNVD-2022-70103)

nopCommerce is an open source general-purpose e-commerce platform. nopCommerce version 4.50.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data in the "Text" parameter when creating a new post. An attacker...

nopCommerce Cross-Site Scripting Vulnerability (CNVD-2022-70102)

nopCommerce is an open source general-purpose e-commerce platform. nopCommerce version 4.50.1 contains a cross-site scripting vulnerability that stems from the fact that a customer's name is reflected in the response without HTML encoding, which can be exploited by an attacker to inject javascrip...

nopCommerce 跨站脚本漏洞

nopCommerce is an open source general-purpose e-commerce platform. nopCommerce version 4.50.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data in the "Text" parameter when creating a new post. An attacker...