2 matches found
CVE-2025-65783
CVE-2025-65783: Hubert Hub v2.0 1.27.3 contains an arbitrary file upload flaw in /utils/uploadFile that allows an attacker to execute arbitrary code by uploading a crafted PDF. The description and connected Red Hat/NVD entries confirm the vulnerability type and impact (remote, no authentication, ...
CVE-2025-65784
Hubert Hub v2.0.1.27.3 (Hubert Imoveis e Administracao Ltda) has an insecure permissions issue that lets authenticated users with low privileges retrieve other users’ information through a crafted API request. Impact: confidentiality of data. Root cause: improper access controls on API endpoints....