5.3
CVE-2025-0225 - Tsinghua Unigroup Electronic Archives System exampleDownload.html path traversal
A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipulation of the argument name leads to path traversal: '/../fiβ¦
6.9
CVE-2025-0224 - Provision-ISR SH-4050A-2 server.js information disclosure
A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) and NVR5-8200PX up to 20241220. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /server.js. The manipulation leads toβ¦
6.8
CVE-2025-0223 - IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference
A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Locβ¦
6.8
CVE-2025-0222 - IObit Protected Folder IOCTL IUProcessFilter.sys 0x8001E004 null pointer dereference
A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approachβ¦
6.8
CVE-2025-0221 - IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locaβ¦
5.3
CVE-2024-13141 - osuuu LightPicture SVG File Upload upload cross site scripting
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotely.β¦
5.1
CVE-2025-0220 - Trimble SPS851 Ethernet Configuration Menu cross site scripting
A vulnerability, which was classified as problematic, was found in Trimble SPS851 488.01. This affects an unknown part of the component Ethernet Configuration Menu. The manipulation of the argument Hostname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit hβ¦
5.3
CVE-2024-13140 - Emlog Pro Cover Upload article.php cross site scripting
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launchβ¦
5.3
CVE-2024-13139 - wangl1989 mysiteforme FileController doContent server-side request forgery
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The attackβ¦
5.1
CVE-2024-13138 - wangl1989 mysiteforme LocalUploadServiceImpl upload unrestricted upload
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attack β¦