5.1
CVE-2025-52546 - Stored XSS by uploading a specially crafted floor plan file
E3 Site Supervisor Control (firmware version < 2.31F01) has a floor plan feature that allows an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can inject stored XSS into the floor plan web page.
7.7
CVE-2025-52545 - Privilege escalation in the application services
E3 Site Supervisor Control (firmware version < 2.31F01) RCI service contains an API call to read user info, which returns all usernames and password hashes for the application services.
8.8
CVE-2025-52544 - Arbitrary read file from the filesystem
E3 Site Supervisor Control (firmware version < 2.31F01) has a floor plan feature that allows an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can read any file from the E3 file system.
5.3
CVE-2025-52543 - Login to the application services using only the password hash
E3 Site Supervisor Control (firmware version < 2.31F01) application services (MGW and RCI) use client-side hashing for authentication. An attacker can authenticate by obtaining only the password hash.
9.3
CVE-2025-6519 - Consistent predictable generation of the password for the default admin user "ONEDAY" to the applic…
E3 Site Supervisor (firmware version < 2.31F01) has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The ONEDAY user cannot be deleted or modified by any user.
9.8
CVE-2025-5662 - Deserialization Vulnerability in h2oai/h2o-3
A deserialization vulnerability exists in the H2O-3 REST API (POST /99/ImportSQLTable) that affects all versions up to 3.46.0.7. This vulnerability allows remote code execution (RCE) due to improper validation of JDBC connection parameters when using a Key-Value format. The vulnerability is present…
8.6
CVE-2025-9573 - Command Injection in extension "TYPO3 Backup Plus" (ns_backup)
The ns_backup extension through 13.0.2 for TYPO3 allows command injection.
6.9
CVE-2025-41031 - Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and ‘Foto’ in ‘/ajax/TInnova_c/FotoUsuario/llamadaAjax/uploadImage’.
6.9
CVE-2025-41030 - Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnova_v2/Integrantes_Recurso_v2_1/llamadaAjax/buscarPersona’ using the ‘dni’ parameter.
7.4
CVE-2025-41690 - Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions
A low-privileged attacker in Bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configura…