CVE-2025-7920

WinMatrix3 Web package developed by Simopro Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

CVE-2025-7918

WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2025-7920

WinMatrix3 Web package developed by Simopro Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

CVE-2025-7917

CVE-2025-7917 concerns the WinMatrix3 Web package from Simopro Technology. The connected sources describe an Arbitrary File Upload vulnerability in WinMatrix3 Web, enabling remote attackers with administrator privileges to upload and execute web shell backdoors, resulting in arbitrary code execut...

PT-2025-30229 · Simopro Technology · Winmatrix3

Name of the Vulnerable Software and Affected Versions: WinMatrix3 affected versions not specified Description: WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability. This allows unauthenticated remote attackers to execute arbitrary code on the server by sending...